Hackers with access to the Signaling System 7 (SS7) used for connecting mobile networks across the world were able to gain access to Telegram messenger and email data of high-profile individuals in the cryptocurrency business.
In what is believed to be a targeted attack, the hackers were after two-factor authentication (2FA) login codes delivered over the short messaging system of the victim’s mobile phone provider.
Hackers pulling an SS7 attack can intercept text messages and calls of a legitimate recipient by updating the location of their device as if it registered to a different network (roaming scenario).
The attack occurred in September and targeted at least 20 subscribers of the Partner Communications Company (formerly known as Orange Israel), all of them involved at a higher level in cryptocurrency projects.
Tsachi Ganot, the co-founder of
Pandora Security in Tel-Aviv, who investigated the incident and assisted victims with regaining access to their accounts, told BleepingComputer that all clues point to an SS7 attack.
