Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Cyber criminals intercept codes used for banking – to empty your accounts
#1
Quote:Two factor authentication (2FA) is a method widely used by the financial institutions worldwide to keep their customers’ money safe: you know, those short 4-6-digit codes you receive from your bank that you have to input to approve a transaction. Usually, banks send those one-time passwords in SMS text messages. Unfortunately, SMS is one of the weakest ways to implement 2FA, as text messages can be intercepted. And that is what has just happened in the UK.

How can the criminals get your text messages? Well, there are different ways, and one of the most extravagant is exploiting a security flaw in SS7, a protocol used by telecommunications companies to coordinate how they route texts and calls (you can read more about it in this post). SS7 network does not care who sent the request. So, if malefactors manage to access it, the network will follow their commands to route text messages or calls, as if those commands were legitimate.

READ MORE INFORMATION HERE
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Coyote: A multi-stage banking Trojan abusing the Squirrel installer mrtrout 0 703 02-13-2024 , 03:37 AM
Last Post: mrtrout
  Scammers put fake QR codes on parking meters to intercept parkers’ payments mrtrout 0 517 01-13-2022 , 03:27 AM
Last Post: mrtrout
  Android malware BrazKing returns as a stealthier banking trojan mrtrout 0 560 11-19-2021 , 10:08 AM
Last Post: mrtrout
  FBI and Europol Shut Down ‘Bulletproof’ VPN Service That Helped Criminals mrtrout 0 655 08-15-2021 , 09:52 PM
Last Post: mrtrout
  New Variant of IcedID Banking Trojan Spreading Wildely mrtrout 0 994 06-29-2021 , 11:24 PM
Last Post: mrtrout

Forum Jump:


Users browsing this thread: 1 Guest(s)