A German newspaper has revealed how the hackers have exploited the vulnerabilities in SS7 to swindle off the money from peoples’ accounts.
The SS7 refers to the Common Channel Interoffice Signalling 7 (CCIS7) or the Signalling System 7 (SS7). The SS7 is the protocol in the mobile phones that checks and monitors how the text messages and calls are governed and exchanged by mobile phones.
These days, most of the banks offer a two-factor authentication, where the customers receive a one time temporary password (OTP). It is to be used after entering the regular ID and password for undertaking bank transactions.
If someone is capable of accessing the customers’ text message by hacking the vulnerabilities of SS7, they gain access to the text messages and OTPs. The hacking is done at the level of the telecom companies, and there isn’t much that the customers and the banks can do in this regard to prevent or counter the attack.
And, this is exactly what has happened.
According to Suddeutsche Zeitung, the aforementioned German newspaper, hackers were able to attack SS7 in January 2017, and thus, swindled money from the accounts of bank customers. The newspaper has reported the modus operandi of the hackers.
They first, through phishing attacks, gained access to the primary login credentials of their victims. Afterwards, they attacked the SS7 to transact money from the accounts.
One of the main telecom companies affected by the January attack was O2-Telefonica. The attack meant that the incoming text messages with the OTPs were diverted to the hackers, who in turn, used them to pull money from the accounts of the victims.
According to the director of telecoms security at Positive Technologies, Michael Downs, the future of 4G and 5G networks aren’t secure. Going forward, these vulnerabilities can lead to severe damages as a lot more devices will have telecommunication capabilities with the advent of the Internet of Things (IoT).
Telecom companies need to take immediate action and prevent such breaches from happening again.