This is how hackers attack your Bitcoin wallet online

For years, researchers have warned of serious problems with Signaling System 7 (SS7) - a set of phone protocols that can allow hackers to listen to personal phone calls and read text messages. Large-scale version, despite the most advanced encryption used by mobile networks.

Created in the 1980s, SS7 is a collection of telephone protocols that accommodates more than 800 telecom operators around the world, including AT&T and Verizon to connect and exchange data, such as Routing calls and texts together, enabling roaming and many other services.

Although many fixes have been released, global mobile networks have always ignored this issue and argue that the exploitation of SS7's weaknesses requires a large technical and financial investment, so user risk is extremely low.

1. Ransomware 'Your Windows has been banned' extorting users with a face value of 50 USD Bitcoin
2. Guide to digging Bitcoin for beginners
3. Are you curious what inside the vast Bitcoin Iceland digging plant looks like?

However, earlier this year, we saw a real attack, the hacker used the design flaw in SS7 to extract the victim's bank account by blocking two-factor authentication codes. (disposable password or OTP authentication code) sent to customers and redirected them to hackers.

The white-hat hackers of Positive Technologies have proven that cyber criminals can exploit the SS7 vulnerability to control online Bitcoin wallets to steal victims' money.

This is how hackers attack Bitcoin wallets and steal money

">

To demonstrate the attack, Positive researchers obtained the Gmail address and phone number of the target, then requested to reset the password for the account, including sending the authorized token once to send to the number. Phone of the target.

Just like in previous SS7 hacks, researchers blocked SMS messages containing 2FA code by exploiting a known design flaw in SS7 and accessing Gmail mailboxes.

Since then, researchers accessing straight to Coinbase accounts have been registered with the compromised Gmail account and created another password for the victim's Coinbase wallet. After that, they logged into their wallets and took all the money in it.

Fortunately, this attack is done by security researchers, not cyber criminals, so there is no damage to the Bitcoin encryption system.

The above is just an example of an SS7 vulnerability attack, however, they are not limited to cryptocurrency wallets. Any service, such as Facebook and Gmail, is based on two-factor authentication.

We need to avoid using 2-factor authentication via SMS messages to receive OTP codes. Instead, it is recommended to rely on encryption keys based on encryption as a second authentication factor.