- Hackers targeted 20 well-performing cryptocurrency executives from the Israeli Telecommunication company.
- These cryptocurrency business individuals are the customers of Partner Communication Company, formerly called as Orange Israel
It is reported that their Telegram messenger and emails were hacked. Hackers completely exploited their accounts through SS7 (Signaling System 7) protocol which is a very old protocol, developed in 1975.
SS7 protocol is used to transfer information such as messages or calls from one end to another. When using this protocol, one network can pass through another network. It is reported that the fraudsters tried to seize the two-step authentication factors of victims. By doing this, they kept in the control of all the calls and messages received in the victim’s mobile. They clearly targeted individuals who are involved in high-value cryptocurrency projects. They asked for BTC and ETH from some of the contacts and also through the mail.
The case is further being scrutinised by the National Cyber Security of Israel and Mossad, National Intelligence Agency. According to Bleeping Computer, 20 customers or subscribers got hacked. All their calls, texts and even location had been traced and brought in their control. Pandora Security, the cybersecurity firm in Israel, analysed the incident and brought back the controls and access of victims. They also confirmed that the complete incident is related to the SS7 attack.
Tsashi Ganot, Co-founder of Pandora Security, asked all the National Government must update their telecommunication services in order to stay away from these threats. He also said that the hackers have tried their level best to get in touch with other contacts in Telegram and were not successful. The fraudsters had good knowledge as they knew complete details of the victim’s unique International Subscriber Numbers. This includes MSISDN – Mobile Station International Subscriber Directory Number and IMSI – International Mobile Subscriber Identity numbers.
Signaling System 7 attack is more similar to sim-swapping. In sim-swapping, the victim’s mobile number will be reassigned to the hacker’s device through which he could get all the data. There are previous reports from Israel media consisting of SS7 attacks, and still, the case is under investigation. However, it is a clear sign that Partner Communication is not responsible for this fault, and any Telecommunication Service Provider would have fallen prey for those fraudsters. So keeping the services updated, may protect them from such kinds of security threats.