Hackers Took Over Telegram Accounts In Israel Through SS7 Attacks To Defeat 2FA

By   ISBuzz Team
Writer , Information Security Buzz | Oct 21, 2020 01:29 am PST

Researchers from Tel-Aviv based ‘Pandora Security’ have discovered a new wave of SS7 attacks that targeted at least twenty subscribers of the ‘Partner Communications Company’ (former ‘Orange Israel’) telecom services provider and these targets are also members of cryptocurrency projects. The actors were well prepared and feared that they have an account password and now targetting SMS codes to defeat two-factor authentication.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Christoph Hebeisen
Christoph Hebeisen , Director, Security Intelligence Research
October 21, 2020 9:31 am

SMS\’s susceptibility to attacks is well understood and it should therefore not be considered a secure method for two-factor authentication. This is especially the case when dealing with sophisticated or well-funded attackers that may infiltrate or control carrier networks. Routing calls to third-party carriers is an important feature to enable roaming of mobile devices. However, since no secure verification takes place between the device and its home carrier to verify that it has signed on to a roaming partner\’s network, roaming partners (or an attacker with access to their network) can re-route calls and text messages, broadening the attack surface for text messages far beyond the home carrier. This incident is an example of how this weakness can be abused for targeted attacks by a sophisticated actor.

Last edited 3 years ago by Christoph Hebeisen

Recent Posts

Would love your thoughts, please comment.x