Vulnerabilities in mobile networks opens bitcoin wallets to hackers

Dmitry Kurbatov of Positive Technologies

Cryptocurrencies offer unprecedented transaction speeds and remittance security, but this is compromised by the weak security of digital wallets storing them. Positive Technologies has demonstrated an attack on a user account of Coinbase — one of the largest bitcoin exchanges in the world, which manages assets of over 9 million clients, with more than 20 billion USD in various digital currencies combined on their accounts.

Minimum personal information about a victim – their first name, last name, and phone number – was enough to hack a test wallet in Coinbase. By exploiting SS7 vulnerabilities to intercept SMS with one-time passwords, PT researchers were able to learn the email address linked to the wallet, obtained control over it, and gained access to the wallet itself. Once they had the account password for the wallet, they were easily able to withdraw cybermoney.

Positive Technologies was one of the first to pay attention to SS7 security flaws. Attacks exploiting these vulnerabilities can be launched from anywhere, which is a great benefit to attackers. In spring 2017, the first cases of attacks exploiting SS7 were registered in Germany, in which money was stolen from bank accounts.

Cybercriminals intercepted texts with online banking authentication codes sent to customers of Telefonica Germany (O2), a German mobile operator, and used them to carry out unauthorised transactions.

“We work in close coordination with telecom operators to discover threats before hackers do, in order to protect subscribers. Exploiting SS7 specific features is one of several existing ways to intercept SMS. Unfortunately, it is still impossible to opt out of using SMS for sending one-time passwords.

It is the most universal and convenient two-factor authentication technology. All telecom operators should analyse vulnerabilities and systematically improve the subscriber security level,” says Dmitry Kurbatov, head of telecommunications security department at Positive Technologies.

The attack method is demonstrated in this video.

Comment on this article below or via Twitter: @ VanillaPlus OR @jcvplus

RECENT ARTICLES
Connectivity

Telna divests KnowRoaming brand to eSimplified

Posted on: April 23, 2024

Telna has announced the divestiture of its KnowRoaming brand to eSimplified. This transfer positions eSimplified—an innovative entity supported by robust private equity and led by fintech and telecommunication industry experts—to propel

Read more
3D render of a low poly background with connecting lines and dots

First O-RAN certification by European lab with Rohde & Schwarz and VIAVI Support

Posted on: April 22, 2024

Rohde & Schwarz and VIAVI Solutions have supported the European OTIC in Berlin in the process of awarding O-RAN conformance certification for international markets. The certification of an indoor O-RU of the

Read more