O2 confirms SS7 exploit to steal bank account funds

May 05, 2017

O2 confirms SS7 exploit to steal bank account funds

The thirty year old Signal Switching 7 (SS7) protocol is used to enable mobile networks to interconnect. The problem is that the protocol was designed at a time when security was not a consideration. The main consideration was to have a fast, light protocol.

Security experts have been warning that SS7 is not a secure protocol and it could be exploited to intercept SMS.

SMS has become a preferred method to send authentication codes as part of two factor authentication.

O2 has confirmed that SS7 has been compromised as part of an elaborate attack used to drain the bank accounts of UI unsuspecting individuals.

Time to move away from this insecure protocol it think.

https://www.theregister.co.uk/2017/05/03/hackers_fire_up_ss7_flaw/

Search This Blog

Sukhbir on Security

O2 confirms SS7 exploit to steal bank account funds

Comments

Post a Comment

Popular Posts

Passwords for more than a half million internet connected devices leaked

Just 'adding Internet' is not enough.