Security News > 2017 > May > Criminals are Now Exploiting SS7 Flaws to Hack Smartphone Two-Factor Authentication Systems (Schneier on Security)
2017-05-10 11:50
I've previously written about the serious vulnerabilities in the SS7 phone routing system. Basically, the system doesn't authenticate messages. Now, criminals are using it to hack smartphone-based two-factor authentication systems: In short, the issue with SS7 is that the network believes whatever you tell it. SS7 is especially used for data-roaming: when a phone user goes outside their own provider's...
News URL
https://www.schneier.com/blog/archives/2017/05/criminals_are_n.html