Sunday, February 3, 2019

Hackers Now Banking on Two-Factor Authentication for Profit

Sophisticated hackers have long exploited flaws in SS7, a protocol used by telecom companies to coordinate how they route texts and calls around the world. Those who exploit SS7 can potentially track phones across the other side of the planet, and intercept text messages and phone calls without hacking the phone itself. 

This activity was typically only within reach of intelligence agencies or surveillance contractors, but now Motherboard has confirmed that this capability is much more widely available in the hands of financially-driven cybercriminal groups, who are using it to empty bank accounts. So-called SS7 attacks against banks are, although still relatively rare, much more prevalent than previously reported. Motherboard has identified a specific bank—the UK's Metro Bank—that fell victim to such an attack...

One source familiar with SS7 attacks across banks said the exploitation has targeted banks globally, but that American banks seem to be less impacted. more

Reader comment: "Please note the Motherboard reporter carefully differentiates between "sophisticated hackers" and "financially-driven cybercriminal groups".  I hope you'll consider being equally judicious in your own reporting and online comments."