CYBR650
Week 8
SS7 vulnerabilities used to steal money from bank accounts
Cyber hackers have found a vulnerability in the SS7 protocol that allows them to steal money from bank accounts. SS7, which stands for Signaling System 7, is a protocol used in telephony networks worldwide. It gives most of the world the ability to make calls between different networks. It was developed in the mid-1970s and does not provide any protections or require any authentication, making it easy for third parties to connect to the SS7 network.
German newspaper Süddeutsche Zeitung reported on Wednesday, May 3, 2017, that hackers had used a vulnerability in SS7 to get around two-factor authentication (2FA) and were able to complete unauthorized wire transfers. The attackers most likely used phishing techniques to gain access to bank account information. According to Eduard Kovacs from Security Week magazine, they gained this access “and then launched an SS7 attack to obtain the mobile transaction authentication number (mTAN) sent by the bank via SMS. mTANs are one-time passwords used by banks to confirm financial transactions… According to Süddeutsche Zeitung, the attackers forwarded the SMS messages containing the mTAN to a number they controlled, allowing them to complete the wire transfers they had initiated from victims’ accounts.” (Kovacs, 2017)
References
Kovacs, E. (2017, May 4). Hackers Exploit SS7 Flaws to Loot Bank Accounts. Retrieved from Security Week: http://www.securityweek.com/hackers-exploit-ss7-flaws-loot-bank-accounts