Telecoms Protocol From 1975 Exploited To Target 20 Crypto Executives
At least 20 crypto executives and customers of an Israeli telecommunications company were targeted in a sophisticated SS7 attack last month.
Hackers compromised Telegram messenger and email accounts of multiple cryptocurrency executives last month by exploiting a vulnerability in a decades-old protocol.
The fraudsters are believed to have been trying to intercept two-factor authentication codes of victims in an attack on Israel-based telecommunications provider Partner Communications Company, formerly known as Orange Israel.
The attacks are currently being investigated by Israel’s National Cyber Security Authority and national intelligence agency Mossad.
According to cybersecurity publication Bleeping Computer, the devices of at least 20 Partner Communications Company subscribers were compromised.
Israel-based cybersecurity firm Pandora Security’s analysis of the event suggests the devices were likely breached via a Signaling System 7 (SS7) attack. SS7 is a set of protocols used to exchange information within public switched telephone networks that interact over digital signaling networks.
Hackers can exploit SS7 to intercept text messages and calls by using a roaming feature and “updating the location of their device as if it registered to a different network.”
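The location update described above is the event that operator-side signaling monitoring tries to catch with a plausibility check. The following is an added example, not code from the article or from Pandora Security: it flags a registration on a foreign network that arrives too soon after the subscriber was last seen elsewhere. The record fields, the constructed sample events, the `IL`/`XX` country labels and the three-hour threshold are all assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumed policy: a subscriber cannot plausibly change country faster than this.
# Border areas produce false positives, so real deployments tune it per route.
MIN_TRAVEL = timedelta(hours=3)
HOME_COUNTRY = "IL"  # assumption: country of the operator running the check


@dataclass(frozen=True)
class LocationUpdate:
    ts: datetime       # when the update reached the home network
    imsi: str          # subscriber identity (constructed test values below)
    vlr_country: str   # country of the network claiming to serve the subscriber


def implausible_updates(events):
    """Return foreign registrations that follow a different location too quickly."""
    last_accepted = {}  # imsi -> last update that passed the check
    alerts = []
    for ev in sorted(events, key=lambda e: e.ts):
        prev = last_accepted.get(ev.imsi)
        moved_abroad = (
            prev is not None
            and ev.vlr_country != HOME_COUNTRY
            and ev.vlr_country != prev.vlr_country
        )
        if moved_abroad and ev.ts - prev.ts < MIN_TRAVEL:
            alerts.append(ev)
            continue  # a suspicious update must not become the new baseline
        last_accepted[ev.imsi] = ev
    return alerts


def _t(s):
    return datetime.fromisoformat(s)


# Constructed sample events (test-range IMSIs, placeholder foreign country "XX").
SAMPLE = [
    LocationUpdate(_t("2020-01-01T09:00:00"), "001010000000001", "IL"),
    LocationUpdate(_t("2020-01-01T09:20:00"), "001010000000001", "XX"),  # 20 min later
    LocationUpdate(_t("2020-01-01T08:00:00"), "001010000000002", "IL"),
    LocationUpdate(_t("2020-01-01T14:00:00"), "001010000000002", "XX"),  # 6 h later
]

if __name__ == "__main__":
    for alert in implausible_updates(SAMPLE):
        print("implausible location update:", alert)
```
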
Despite first being developed in 1975, the SS7 protocol is currently in widespread use globally.
Pandora co-founder Tsashi Ganot warned that national governments must update their telecommunications infrastructure to protect against modern security threats.
He said the hackers had also impersonated their victims on Telegram in unsuccessful attempts to lure close acquaintances into making crypto trades:
“In some cases, the hackers posed as the victims in their [Telegram] accounts and wrote to some of their acquaintances, asking to exchange BTC for ETC and the like […] as far as we’re aware no one fell for the bait.”
The SS7 attacks are reminiscent of SIM swapping, which reassigns the phone number associated with a victim’s SIM card to a device under the hackers’ control.
U.S.-based telecom providers have faced multiple lawsuits from crypto executive clients that have been targeted by SIM-swap attacks.
Meanwhile, apart from IMSI catchers, a whole other vulnerability has been exposed: Companies such as Verint Systems and Defentek have produced devices that exploit a huge security hole in SS7 (short for Signaling System 7), the network that interconnects every cellular provider around the world.
Using SS7, researchers on laptops have been able to pinpoint the location of a particular cell phone anywhere in the world—and even intercept calls.
The attacker does leave an IP address as a trace. “But if that IP address leads somewhere like Russia or China,” says Tobias Engel, who cracked SS7 in a 2014 demonstration in Hamburg, “you really don’t know much more.”
The industry lobbying group CTIA–The Wireless Association maintains that SS7 is more secure in America than in Europe.
“Outside the U.S., the networks are more fragmented, not as homogeneous,” says John Marinho, who runs the group’s cybersecurity working group.
One company which has developed another multimillion-dollar software package, called Oversight, aimed at warding off SS7 attacks—disagrees. “That’s comical,” he says. “I can tell you we performed tests on U.S. carriers, and they’re just as vulnerable as anyone else.”
What fascinates Rigmaiden the most—and what sometimes makes him want to go live in the woods again—is how no matter what happens with Apple’s battle, the cell phone network problem may be with us for as long as there are networks.
“This isn’t something that can really be fixed,” he says. “It’s just built into the way communications work. You can always zero into one signal among many signals, if you have enough data. You don’t need to hack anything—just analyze the signals in the air.”