Hackers hijack Telegram, email accounts in SS7 mobile attack

silversurfer

Level 68
Verified
Trusted
Content Creator
Malware Hunter
Aug 17, 2014
5,771
Hackers with access to the Signaling System 7 (SS7) used for connecting mobile networks across the world were able to gain access to Telegram messenger and email data of high-profile individuals in the cryptocurrency business.

In what is believed to be a targeted attack, the hackers were after two-factor authentication (2FA) login codes delivered over the short messaging system of the victim’s mobile phone provider.

Hackers pulling an SS7 attack can intercept text messages and calls of a legitimate recipient by updating the location of their device as if it registered to a different network (roaming scenario).

The attack occurred in September and targeted at least 20 subscribers of the Partner Communications Company (formerly known as Orange Israel), all of them involved at a higher level in cryptocurrency projects.

Tsachi Ganot, the co-founder of Pandora Security in Tel-Aviv, who investigated the incident and assisted victims with regaining access to their accounts, told BleepingComputer that all clues point to an SS7 attack.
 
Top