Hackers Took Over Telegram Accounts In Israel Through SS7 Attacks To Defeat 2FA

Researchers from Tel-Aviv based ‘Pandora Security’ have discovered a new wave of SS7 attacks that targeted at least twenty subscribers of the ‘Partner Communications Company’ (former ‘Orange Israel’) telecom services provider and these targets are also members of cryptocurrency projects. The actors were well prepared and feared that they have an account password and now targetting SMS codes to defeat two-factor authentication.

Experts Comments

October 21, 2020
Christoph Hebeisen
Director, Security Intelligence Research
Lookout
SMS's susceptibility to attacks is well understood and it should therefore not be considered a secure method for two-factor authentication. This is especially the case when dealing with sophisticated or well-funded attackers that may infiltrate or control carrier networks. Routing calls to third-party carriers is an important feature to enable roaming of mobile devices. However, since no secure verification takes place between the device and its home carrier to verify that it has signed on to .....Read More
SMS's susceptibility to attacks is well understood and it should therefore not be considered a secure method for two-factor authentication. This is especially the case when dealing with sophisticated or well-funded attackers that may infiltrate or control carrier networks. Routing calls to third-party carriers is an important feature to enable roaming of mobile devices. However, since no secure verification takes place between the device and its home carrier to verify that it has signed on to a roaming partner's network, roaming partners (or an attacker with access to their network) can re-route calls and text messages, broadening the attack surface for text messages far beyond the home carrier. This incident is an example of how this weakness can be abused for targeted attacks by a sophisticated actor.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.