YouTube link: https://youtu.be/wVyu7NB7W6Y
Invidious link: https://inv.nadeko.net/watch?v=wVyu7NB7W6Y
Sorry for the formatting… Tried to remove the URL for better readability, but there seems some kind of bug.
TLDW
- hack phones remotely just knowing it’s phone number
- Intercept 2FA sms
- Intercept phone calls
- Reroute phone calls
- Geolocation of a target
I dunno if it has already been posted/discussed here but this kinda blew my mind ! Sorry there’s a lot of clickbait but the general subject is interesting…
I never heard of SS7 and have actually no idea how the whole phone system communication works but that’s kinda scary…
Yes we are probably not the first target with this “hack” nor is it as easy as exposed in this video and nor do we have 14k $ to spend on this, but that’s not out of reach for some people. I mean it’s not as expensive as Pegasus and people with the mean and some good stable income can probably misuse this system for targeting specific vulnerable people (example in the video).
I’m not an expert in this field, so other people might have something else to add, but my takeaway is mostly - do not rely on phone services. Don’t use MFA via SMS, etc. Most of the issues described, you can avoid if you’re careful, except the geolocation issue.
If only we could convince US banks not to use MFA only via SMS