Signalling System No. 7 (SS7) vulnerability exploited by hackers to drain accounts protected by 2FA

Hackers in Germany have started to exploit a long known vulnerability in the Signalling System No. 7 (SS7), a set of telephony signalling protocols used by over 800 network providers around the world. German telecom operator 02-Telefonica has confirmed that thieves have used weaknesses in the protocol to bypass two factor authentication (2FA) security measures put in place by banks, according to a report by The Register.

SS7 is set of protocols developed in 1975, at a time when most of the major network operators were large corporations or state run. As the service providers trusted each other explicitly at that time, authentication measures were not put into place. The set of protocols allows users to send text messages across political boundaries, as well as continue to maintain a telephonic conversation while travelling in a high speed train. The same functionality allows hackers to intercept text messages, track a person's physical location and eavesdrop on conversations, according to a report in Ars Technica. '

The siphoning out of the money from bank accounts of individuals is a two step operation. In the first phase, the computers used by the targets are infected with malware through e-mails. The malware is then used to gain details about the accounts of the mark, including the bank balance, the phone number, and the login details of the bank accounts. Then, the attackers purchased access to a rogue network service provider, before initiating a transaction. The 2FA code used to authenticate the transaction was diverted to a number controlled by the hackers.

Usually, the hackers would siphon out the money while the target was sleeping. The hackers would need internal access to a telecommunications provider to execute the attack. A foreign operator was used for the attacks in Germany. Traditionally, such an interception required the sim card of the target to be cloned, but this method allows hackers to siphon out the money from a lot more bank accounts.

Considering the number of networks worldwide using the flawed system, it could potentially take years for the problem to be decisively fixed.

Published Date: May 08, 2017 11:49 am | Updated Date: May 08, 2017 11:49 am