Recently, many activists and researchers showed how hackers hack people’s Google accounts using their names and phone numbers and further using them to know their banks or bitcoin accounts.
Hackers get able to do this using a glitch in the international telecom network, which affects the Signaling System No. 7 (SS7). In a demonstration video, a few researchers took access to a Coinbase account and did whatever they desired to do with the stored funds through an SS7 flaw. Coinbase includes more than 10.4 million users, so it can be said that a lot of bitcoin owners are at risk.
An SS7 glitch preferably allows anyone with access to the telecoms backbone to receive as well as send messages from particular cellphones, including some attacks allowing calls, texts, as well as location data to be intercepted by the hackers.
Researchers associated with Positive Technologies used Gmail to access an email account through a phone number. After that, they reset that account’s password, which prompted a one-time authorization code to be sent to the victim’s phone. Using their SS7 exploit, they intercepted the text and got the code, actually taking control of the account. Then, they did the same thing to the victim’s Coinbase account.
The threat not only just affects bitcoin users, but troubles anyone with anything, i.e., connected to a Google account. Positive researcher Dmitry Kurbatov said, “This hack may work for any resource like real or virtual currency which uses SMS to recover the password.”
The biggest wall restricting hackers from performing such types of attacks is control over the SS7 network itself. Researchers of Positive Technologies had control over it for research purposes and to assist network operators improving safety. Malicious hackers would have to purchase access or hack in their own accord. As per Kurbatov, access can be purchased in dark web websites.
Keeping Bitcoins Secure from SS7 Attacks
While this type of attack seems alarming, there is a process to protect your bitcoins if they are stored in a wallet, i.e., connected to Google account. The certain way is to stop using text messages for two-factor authentication. When the 2FA system is based on OTPs, SS7 attacks don’t work.
Apps like Google Authenticator are more secured; this much that Daniel Romero, vice president of operations of Coinbase, has been approaching to customers about changing SMS-based 2FA to apps like these. He said, “Additionally, we’ve improved our monitoring systems to restrict phone-related security threats. We are leading to monitor this vigilantly.”
Other solutions include usage of Google prompt or security key despite an SMS for two-factor authentication will also restrict SS7 attacks. Nonetheless, to keep your bitcoins protected, it’s always recommended to use authentic methods.