Experts who understand how phone networks work as well as what their vulnerabilities are have warned about its dangers for years. However, it would seem that the attacks they feared were even more common than previously believed.
Telecoms have been using a private Signaling System Number 7 (SS7) network that has been vulnerable to cyber attacks. And on the other side, users being ignorant to complete even their simple security puzzle like installing a good antivirus program – are making it easy for the cybercriminals to do what they want.
Now, a service on the Dark Web is asking users to pay $500 and in return, it will track the targeted smartphone for them. The tracking will include intercepting texts, track phones and even completely cut off the cellular service to other people.
This service can be accessed at zkkc7e5rwvs4bpxm.onion to those who uses the Tor network. It’s called the ‘Interconnector,’ and besides the $500-worth full access, it also offers deals for smaller fees. For example, you can intercept texts for $250 or only get a report about the certain cell phone for $150.
Some of the wealthier users may even choose to pay the ultimate price of $5,500 and get direct access to the SS7 port itself. Basically, for this amount, they’ll get everything they could need to start their telecom service.
According to a report from TheVerge, there were reports of people paying to the manager of this website, but then being ignored. Many have thus labeled this offer a scam. However, this was followed by a sudden website activity in which it offered a new and free page where you’ll be able to test the service yourself.
The access won’t be free, of course, but heavily limited. So far, everything seems to indicate that this is real SS7 hacking and that it’s not a scam. SS7 network is a closed network and not like the internet. It was only supposed to be accessed by several phone companies.
For that reason, there are a few authentication systems for those who use it. The researchers were concerned that SS7 can be hacked through the telecom companies or even reprogrammed directly.
The manager of this website (Interconnect0r) refused to say how they managed to get or keep access to this network. They did mention that accessing and maintaining access didn’t come with some significant technical difficulties. This was surprising considering that the phone companies put in a lot of effort and interventions to keep the network safe.
Not only that, but they also said that many others have had access to this network by using similar methods and that it’s much easier to do so than someone might think. All you need is the right info, or the right guidance, according to Interconnect0r.
As for the network itself, it’s vulnerabilities aren’t a new thing. In fact, it was known for years that it had problems, but nobody bothered to do something about them. The flaws and dangers of hacking this system were demonstrated back in 2014 by Karten Nohl. It was said even then that this system could be used for tracking people’s real location, read their texts and redirect calls.
DDoS attacks are increasing, calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.