Last month, hackers hacked Telegram messenger and email accounts of several cryptocurrency executives, exploiting a vulnerability in a decade-old protocol.

The fraudsters are believed to have tried to capture the two-factor authentication codes of the victims in an attack on the Israeli telecommunications company, Partner Communications Company, formerly known as Orange Israel.

The attacks are currently being investigated by the Israeli National Cybersecurity Administration and the Mossad National Intelligence Agency.

At least 20 Partner Communications Company subscribers are at risk, according to cybersecurity publication Bleeping Computer.

Analysis of this incident by the Israeli cybersecurity company Pandora Security indicates that the devices may have been compromised in the Signaling System 7 attack. SS7 contains a set of protocols used to facilitate the exchange of information on connected public telephone networks that communicate over digital signaling networks. .

Hackers can use SS7 to intercept text messages and calls via roaming and “update the location of the device as if it were registered on another network.”

Although the SS7 protocol was first developed in 1975, it is now widely used worldwide.

Pandora co-founder Tsashi Ganot has warned that national authorities must modernize their telecommunications infrastructure to defend themselves against current security threats.

He said the hackers also imitated their victims on Telegram in unsuccessful attempts to entice their close acquaintances to carry out cryptocurrency transactions:

“In some cases, the hackers imitated the victims in their [Telegram] accounts and wrote to some of their acquaintances demanding that they exchange BTC for ETC and the like […] as far as we know, no one got a bait.
SS7 attacks are similar to SIM swaps, where the phone number associated with the victim’s SIM card is reallocated to a device under the control of hackers.

US telecom providers have faced many lawsuits from executive customers who are victims of SIM swaps.

Source: CoinTelegraph

LEAVE A REPLY