
Hackers exploit SS7 telco flaw to raid German bank accounts

05 May 2017  |  14433 views

O2 has confirmed that hackers exploited long-known weaknesses in a protocol that connects back-end telco networks to intercept and re-route two-factor verification codes sent by German banks to customer mobiles to authorise online funds transfers.

Weaknesses in the Signaling System 7 (SS7) protocol - which is used for data communications between different telco networks - have been known about since 2014.

Researchers demonstrated that anyone with internal access to a telco can easily log in to third-party networks, enabling them to track phones and redirect messages.

O2 in Germany has now confirmed that some customers in Germany have had their accounts drained by hackers after initially falling victim to phishing scams which harvested user names, passwords, phone numbers and bank account details.

The attackers then used SS7 to intercept and redirect mTANs - mobile transaction authentication numbers sent by banks in Germany to authorise transfers out of accounts - to their own phones.

"Criminals carried out an attack from a network of a foreign mobile network operator in the middle of January," O2 told German newspaper Süddeutsche Zeitung. "The attack redirected incoming SMS messages for selected German customers to the attackers."

The news is likely to send a chill through other banks and organisations currently using SMS codes as a customer verification mechanism.

Comments: (1)

A Finextra member | 31 May, 2017, 19:11

SEVERAL BIG AND IMPORTANT BANKS in BRAZIL use extensive SMS messages as 2nd authentication factor.

