Vulnerabilities in mobile networks opens bitcoin wallets to hackers

Dmitry Kurbatov of Positive Technologies

Cryptocurrencies offer unprecedented transaction speeds and remittance security, but this is compromised by the weak security of digital wallets storing them. Positive Technologies has demonstrated an attack on a user account of Coinbase — one of the largest bitcoin exchanges in the world, which manages assets of over 9 million clients, with more than 20 billion USD in various digital currencies combined on their accounts.

Minimum personal information about a victim – their first name, last name, and phone number – was enough to hack a test wallet in Coinbase. By exploiting SS7 vulnerabilities to intercept SMS with one-time passwords, PT researchers were able to learn the email address linked to the wallet, obtained control over it, and gained access to the wallet itself. Once they had the account password for the wallet, they were easily able to withdraw cybermoney.

Positive Technologies was one of the first to pay attention to SS7 security flaws. Attacks exploiting these vulnerabilities can be launched from anywhere, which is a great benefit to attackers. In spring 2017, the first cases of attacks exploiting SS7 were registered in Germany, in which money was stolen from bank accounts.

Cybercriminals intercepted texts with online banking authentication codes sent to customers of Telefonica Germany (O2), a German mobile operator, and used them to carry out unauthorised transactions.

“We work in close coordination with telecom operators to discover threats before hackers do, in order to protect subscribers. Exploiting SS7 specific features is one of several existing ways to intercept SMS. Unfortunately, it is still impossible to opt out of using SMS for sending one-time passwords.

It is the most universal and convenient two-factor authentication technology. All telecom operators should analyse vulnerabilities and systematically improve the subscriber security level,” says Dmitry Kurbatov, head of telecommunications security department at Positive Technologies.

The attack method is demonstrated in this video.

Comment on this article below or via Twitter: @ VanillaPlus OR @jcvplus

RECENT ARTICLES

Samsung and O2 Telefónica introduce vRAN and Open RAN network in Germany

Posted on: May 3, 2024

Samsung Electronics and O2 Telefónica announced on Thursday that the companies launched their first virtualised RAN (vRAN) and Open RAN commercial site in Germany. It is the first time that

Read more
Cross-section of a submarine telecommunication cable

Telxius expands submarine cable route from Dominican Republic to Puerto Rico

Posted on: May 2, 2024

Global connectivity provider Telxius is opening its latest submarine cable route with the extension of SAm-1 between Punta Cana in the Dominican Republic to Puerto Rico. The route is in

Read more