How to hack Gmail and a Bitcoin Wallet using SS7 Flaw



Hack Gmail And A Bitcoin Wallet With Just A Name And A Mobile Number Using SS7 Flaw

Some time ago we published a report on how anybody can hack WhatsApp using the SS7 flaw. The SS7 flaw has existed for eons now, along with fixes, but GSM and telecom companies are neither inclined nor bothered to patch their infrastructure against it.

Now a cybersecurity company called Positive Technologies has come out with a video detailing how anyone can hack any Gmail account with simply a name and a mobile number using the SS7 flaw. After hacking the victim's Gmail account, the researchers then proceed to steal a Bitcoin wallet using the same SS7 flaw. The Positive researchers sent their video to Thomas Fox-Brewster, an ace investigative reporter from Forbes, along with the details of how to achieve the hack.

What is the SS7 flaw?

The vulnerability lies in Signalling System 7, or SS7, the technology used by telecom operators, on which highly secure messaging systems and telephone calls rely. SS7 is a set of telephony signaling protocols developed in 1975 and used to set up and tear down most of the world’s public switched telephone network (PSTN) telephone calls. It also performs number translation, local number portability, prepaid billing, Short Message Service (SMS), and other mass market services.

SS7 is vulnerable to hacking, and this has been known since 2008. In 2014, the media reported a protocol vulnerability in SS7 by which both government agencies and non-state actors can track the movements of cell phone users from virtually anywhere in the world with a success rate of approximately 70%. In addition, eavesdropping is possible by using the protocol to forward calls, and decryption can be facilitated by requesting that each caller’s carrier release a temporary encryption key to unlock the communication after it has been recorded. Researchers created a tool (SnoopSnitch) which can warn when certain SS7 attacks occur against a phone and detect IMSI-catchers.



How to hack Gmail using the SS7 flaw

In the PoC video, the researchers used a phone number to first crack Google’s email service, Gmail. Once the email account was identified, the researchers sent a password reset request to Gmail servers. As per the protocol, Gmail sent the one-time authorization code to the victim’s phone. Positive Technologies researchers then used the SS7 flaw to intercept the SMS text containing the OTP. Once they had the OTP, hacking the victim’s Gmail account and resetting the password was easy. They immediately chose a new password and took control of the Gmail account.

Using these details, they headed to the Coinbase website. Here too they used the same modus operandi, i.e. another password reset, this time using the email account they had hacked. Coinbase also sent an OTP to the victim’s smartphone, which the researchers similarly intercepted using the same SS7 flaw. Once they had access to the OTP, they could reset the password to the victim’s Bitcoin wallet and had access to all the bitcoins saved in the wallet.

“This hack would work for any resource – real currency or virtual currency – that uses SMS for password recovery,” Positive researcher Dmitry Kurbatov told Forbes. “This is a vulnerability in mobile networks, which ultimately means it is an issue for everyone, especially services relying on the mobile network to send security codes.”
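The chain described above (an SMS-only reset on the email account, then an email-plus-SMS reset on the wallet) can be audited from the defender's side by modelling each account's recovery paths and computing what falls if SMS codes to one number are exposed. This is an added example, not code from Positive Technologies or the original article; the account names, factor labels and phone number are constructed for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass

SMS = "sms:+15550100"  # constructed phone number, stands for "codes sent to this number"

@dataclass(frozen=True)
class Account:
    name: str
    # Each recovery path is a set of factors that together suffice to reset the password.
    recovery_paths: tuple[frozenset[str], ...]

def reachable_accounts(accounts, exposed_factors):
    """Return the accounts whose password can be reset if `exposed_factors` leak.

    Fixed-point closure: once an account is reset, control of it becomes a new
    factor ("account:<name>"), which may satisfy another account's recovery path.
    """
    controlled = set(exposed_factors)
    taken = []
    changed = True
    while changed:
        changed = False
        for acct in accounts:
            if acct.name in taken:
                continue
            if any(path <= controlled for path in acct.recovery_paths):
                taken.append(acct.name)
                controlled.add(f"account:{acct.name}")
                changed = True
    return taken

# Constructed configuration matching the article: SMS alone resets the email
# account; the wallet reset needs the email inbox plus an SMS code.
WEAK = [
    Account("wallet", (frozenset({"account:email", SMS}),)),
    Account("email", (frozenset({SMS}),)),
]

# Hardened variant (assumption): every path also needs a factor that never
# travels over the mobile network, such as an authenticator app or backup code.
HARDENED = [
    Account("wallet", (frozenset({"account:email", "totp:wallet"}),)),
    Account("email", (frozenset({SMS, "totp:email"}),
                      frozenset({"backup-code:email"}))),
]

if __name__ == "__main__":
    print("weak:", reachable_accounts(WEAK, {SMS}))
    print("hardened:", reachable_accounts(HARDENED, {SMS}))
```

Any account that appears in the result for `{SMS}` alone has a recovery path that depends entirely on the mobile network and is the one to fix first.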

Accessing SS7 has also become easy for hackers with easily available IMSI catchers. Kurbatov told Forbes that there are many websites on the dark web, like Interconnector, which sell SS7 services. “The risk lies in the fact that cybercriminals can potentially buy access to SS7 illegitimately [on the] dark web,” Kurbatov noted.

PoC video of How to Hack Gmail and Bitcoin Wallet using SS7 flaw

vijay
