Jaysu
Banned
- Joined
- 21.09.20
- Messages
- 122
- Reaction score
- 836
- Points
- 63
This month, access to the switchboard of one of the telecom operators was sold on the darknet.
Cybercriminals are preparing to carry out mass attacks on the bank accounts of Russian users next month. According to DeviceLock, attackers can exploit a vulnerability in mobile communications that allows them to intercept SMS messages for authorization in banking applications.
At the beginning of last month, access to the switch of one of the mobile operators was put up for sale in the darknet for $30 thousand in bitcoins. The presence of such access will allow attackers to intercept control over the OKS-7 signaling system (SS7), which controls the traffic of telecom operators, and intercept calls and SMS messages of all operators with which the switch owner has a roaming agreement. By intercepting SMS messages for authorization in banking applications, cybercriminals can enter the victim's personal account and steal her money.
According to DeviceLock, at the beginning of this month, access to the switch was purchased by a buyer, probably from the CIS countries. The fact is that the greatest interest in the product was shown by Russian-speaking cybercriminals who specialize in attacks on bank accounts.
To carry out an attack, attackers must first collect data about future victims by "punching". This will take them from two weeks to a month. Given that access was acquired in early April, the attacks could begin in early May, when Russians will be distracted by the holidays.
As representatives of financial organizations note, to log in to the online banking application, it is not enough to have only a confirmation code from an SMS message, you also need credentials. However, they can be obtained with the help of the same "punch".
Cybercriminals are preparing to carry out mass attacks on the bank accounts of Russian users next month. According to DeviceLock, attackers can exploit a vulnerability in mobile communications that allows them to intercept SMS messages for authorization in banking applications.
At the beginning of last month, access to the switch of one of the mobile operators was put up for sale in the darknet for $30 thousand in bitcoins. The presence of such access will allow attackers to intercept control over the OKS-7 signaling system (SS7), which controls the traffic of telecom operators, and intercept calls and SMS messages of all operators with which the switch owner has a roaming agreement. By intercepting SMS messages for authorization in banking applications, cybercriminals can enter the victim's personal account and steal her money.
According to DeviceLock, at the beginning of this month, access to the switch was purchased by a buyer, probably from the CIS countries. The fact is that the greatest interest in the product was shown by Russian-speaking cybercriminals who specialize in attacks on bank accounts.
To carry out an attack, attackers must first collect data about future victims by "punching". This will take them from two weeks to a month. Given that access was acquired in early April, the attacks could begin in early May, when Russians will be distracted by the holidays.
As representatives of financial organizations note, to log in to the online banking application, it is not enough to have only a confirmation code from an SMS message, you also need credentials. However, they can be obtained with the help of the same "punch".