«In 2023, we observed a rarer type of access offering that could be used to accomplish the same ends as SIM hijacking but by different means : The threat actor offered access to a SS7 admin panel for a telecom provider in southeastern Europe. SS7 is known to suffer from some weaknesses such as a lack of built-in auth. In fact, attackers with unauthorized access to SS7 systems have carried out successful attacks» #swapping #mobile #telecom #threats #online #sms #hijacking #services [ https://intel471.com/blog/a-briefing-on-sim-hijacking ] #informatique
A CISA official has revealed multiple SS7 / similar attacks in the 🇺🇸 U.S. in recent years. Startlingly, it seems he didn't get permission of his agency and revealed these attacks himself, saying they are the tip of the iceberg. ( Joseph Cox ) [ https://www.404media.co/cyber-official-speaks-out-reveals-mobile-network-attacks-in-u-s/ ]