Otto
Advanced
- Joined
- 22.09.20
- Messages
- 107
- Reaction score
- 375
- Points
- 63
Some companies forward SMS messages to another number without requesting permission for this operation or even notifying the user.
A specialist of the Motherboard publication has discovered a dangerous problem, the operation of which allows attackers to secretly redirect SMS messages of victims to their number by purchasing the corresponding services from telecommunications companies.
As part of the attack, the criminals use text message management services for businesses to discreetly redirect text messages and gain access to any two-factor authorization codes or links in text messages.
Some companies forward SMS messages to another number without asking for permission for this operation, and without even notifying the user that their text messages are now being sent to someone else.
Researcher Joseph Cox (Joseph Cox) asked his friend an information security expert to attack his number and redirect SMS messages to another number. According to the expert, such an attack cost him only $16. Some companies that provide SMS forwarding services have confirmed to experts that they have already faced similar attacks.
Hackers have found many ways to use SMS and cellular systems to access other people's messages — SIM card spoofing and attacks on SS7 networks have been widely used for several years, and sometimes even used against high-ranking targets. SIM spoofing is fairly easy to detect as the phone disconnects from the cellular network, but with SMS redirection, it can take quite a long time before the user notices the attack, giving attackers the opportunity to compromise accounts.
A specialist of the Motherboard publication has discovered a dangerous problem, the operation of which allows attackers to secretly redirect SMS messages of victims to their number by purchasing the corresponding services from telecommunications companies.
As part of the attack, the criminals use text message management services for businesses to discreetly redirect text messages and gain access to any two-factor authorization codes or links in text messages.
Some companies forward SMS messages to another number without asking for permission for this operation, and without even notifying the user that their text messages are now being sent to someone else.
Researcher Joseph Cox (Joseph Cox) asked his friend an information security expert to attack his number and redirect SMS messages to another number. According to the expert, such an attack cost him only $16. Some companies that provide SMS forwarding services have confirmed to experts that they have already faced similar attacks.
Hackers have found many ways to use SMS and cellular systems to access other people's messages — SIM card spoofing and attacks on SS7 networks have been widely used for several years, and sometimes even used against high-ranking targets. SIM spoofing is fairly easy to detect as the phone disconnects from the cellular network, but with SMS redirection, it can take quite a long time before the user notices the attack, giving attackers the opportunity to compromise accounts.
