Hacking mobile phones: Now even your bank account is vulnerable as well
Most known attacks on mobile devices are based on weakness of operating systems such as Android, iOS, Windows Mobile or BlackBerry (we already wrote about it here). This raises questions of whether one operating system is safer than another one. However, SS7 is a part of communication protocol that must be included on each mobile device. Even on those that are not referred as “smart”.
A vulnerability means hackers can read texts, listen to calls and track mobile phone users. What are the implications and how can you protect yourself from snooping?
Hackers can read text messages, listen to phone calls and track mobile phone users’ locations with just the knowledge of their phone number using a vulnerability in the worldwide mobile phone network infrastructure.
The exploit centres on a global system that connects mobile phone networks, and can give hackers, governments or anyone else with access to it that the user cannot do anything about.
To protect against SS7 vulnerabilities is quite easy. All you need to do is to use any VoIP (voice-over internet) application instead of standard voice and SMS services provided by a mobile operator. For this purpose, you can use applications like WhatsApp, Telegram, Signal and similar. However, these applications have other security vulnerabilities.
Communication data are encrypted before sending and are decrypted only after delivery to receiver (directly in users' devices). Data are never decrypted during transfer.
Each communication is protected by a unique encryption key which is generated during communication establishment. It means that each communication between two users, even each communication between the same two users, has its unique encryption keys, which cannot be predicted. Each encryption key is destroyed immediately after communication ends.