A report said that 20 crypto executives and customers of an Israeli telecommunications company were targeted in a sophisticated Signaling System 7 (SS7) attack last month, as hackers compromised their Telegram messenger and e-mail accounts by exploiting a vulnerability in a decades-old protocol.
It has been reported that the fraudsters are believed to have been trying to intercept two-factor authentication codes of victims in an attack on Israel-based telecommunications provider Partner Communications Company, formerly known as Orange Israel.
However, the attacks are being investigated by Israel’s National Cyber Security Authority and the national intelligence agency Mossad.
According to cybersecurity publication Bleeping Computer, the devices of at least 20 Partner Communications Company subscribers were compromised.
The attack exploited a vulnerability in a globally-used telecommunications protocol that was first developed in 1975 https://t.co/ki3iwD4imo — Cointelegraph (@Cointelegraph) October 20, 2020
An Israel-based cybersecurity firm Pandora Security’s analysis of the event suggests that the devices were likely breached through an SS7attack.
SS7 comprises a set of protocols that are used to facilitate the exchange of information within the public switched telephone networks interacting over digital signaling networks.
Likewise, hackers can exploit SS7 to intercept text messages and calls by using a roaming feature and “updating the location of their device as if it registered to a different network.” Despite first being developed in 1975, the SS7 protocol is currently in widespread use globally.
Tsashi Ganot, the co-founder of Pandora, warned that national governments must update their telecommunications infrastructure to protect against modern security threats.
He said that the hackers had also impersonated their victims on Telegram in unsuccessful attempts to lure close acquaintances into making crypto trades.
“In some cases, the hackers posed as the victims in their [Telegram] accounts and wrote to some of their acquaintances, asking to exchange BTC for ETC and the like […] as far as we’re aware no one fell for the bait.”
As per the report, the SS7 attacks are reminiscent of SIM-swapping that reassigns the phone number associated with a victim’s SIM-card to a device under the hackers’ control.
Thus, US-based telecom providers have faced multiple lawsuits from crypto executive clients that have been targeted by SIM-swap attacks.