A well-known flaw in the SS7 system can redirect your login security code to the hacker.
Security experts have been warning us about the vulnerabilities of Signalling System 7 (SS7), a global set of telephony protocols primarily used to connect one mobile phone network to another.
Recently, Positive Technologies, an independent high-growth global cyber security company, shared a video detailing how hackers can fool the two-factor authentication system to compromise Gmail accounts as well as rob Bitcoin wallets by exploiting the same SS7 flaw. In its press release, Positive Technologies stated:
“Minimum personal information about a victim – their first name, last name, and phone number – was enough to hack a test wallet in Coinbase. By exploiting SS7 vulnerabilities to intercept SMS with one-time passwords, PT researchers were able to learn the email address linked to the wallet, obtained control over it, and gained access to the wallet itself. Once they had the account password for the wallet, they were easily able to withdraw cybermoney.”
The video below shows how easy it is to hack into a bitcoin wallet by intercepting text messages in transit. Once they reset the Gmail password of the victim’s account using the eavesdropped text message code, they were also able to reset a Coinbase account, which was registered with a Gmail account.
The SS7 system, apart from protecting text messages and telephone calls, performs many important functions like prepaid billing, local number portability, translation of numbers and short messaging service (SMS).
Though it was developed in 1975, SS7 was identified to be vulnerable to hacking in 2008. In 2014, it was reported that the SS7 vulnerability could be used by the government and hackers to track the movements of mobile phone users from any location around the world with 70% accuracy.
Positive Technologies’ research team warns criminals can also just attack the network directly instead of spending millions on buying this access. “It’s much easier and cheaper to get direct access to the SS7 interconnection network and then craft specific SS7 messages, instead of trying to find a ready-to-use SS7 hijack service.”
Basically, two-factor authentication using text messages is putting your online security at even more risk. So, if you want to protect your Gmail account or your bitcoin wallet, you must uncheck the two-factor authentication option as well as remove your phone number from your Gmail settings.