Home
Forums
New posts
Search forums
What's new
New posts
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Search forums
Menu
Log in
Register
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Home
Forums
CARDING & HACKING
CRYPTOCURRENCIES
How hacker can access your bitcoin wallet
Message
<blockquote data-quote="Greenhost" data-source="post: 661" data-attributes="member: 20"><p><strong>How Hacker Can Empty Ur Bitcoin Wallet Using Ur Phone no & Email</strong></p><p><strong></strong></p><p><strong>Security of SMS-based two-factor authentication has been long-debated. Despite flaws in Signalling System No. 7 (SS7), which is an internationally used telecom protocol to route texts and calls, it continues to be used at a large scale in banking and other services.</strong></p><p><strong></strong></p><p><strong>The security researchers Positive Technologies have shown how a bitcoin wallet can be hacked using SS7 vulnerabilities. By getting their hands on SS7 network, the hackers were able to reset the Gmail passwords using SMS-based two-factor authentication.</strong></p><p><strong></strong></p><p><strong>A big flaw in SMS-based 2FA is that the one-time password can be accessed on a variety of devices and services, which might have their own flaws. Thus, the attack surface increases. On the other hand, the true 2FA, which is like a push notification popup, sends the verification prompt to one device.</strong></p><p><strong></strong></p><p><strong>In a video posted by the researchers, which is embedded below, it’s shown how easy it is to carry out the attack. By intercepting the text messages in transit, the hackers can take control of your Gmail account and any other service associated with it.</strong></p><p><strong></strong></p><p><strong>Not just cryptocurrency wallets, this flaw puts your banking and social media accounts at risk. “This hack would work for any resource – real currency or virtual currency – that uses SMS for password recovery,” the researchers told Forbes.</strong></p><p><strong></strong></p><p><strong>Getting access to the SS7 network is the biggest barrier one needs to cross. The cybercriminals can buy the access on the dark web. In the past, at least at one occasion, SS7 was used to empty bank accounts. According to Forbes, many surveillance companies are also selling services to spy using SS7 flaw.</strong></p><p><strong></strong></p><p><strong>What should the user do?</strong></p><p><strong></strong></p><p><strong>As stressed earlier, SS7 flaw has been known to the telecom industry from a long time. So, unless they don’t take steps to make it more secure, the users need to take steps on their own. You can use tools like Google Authenticator, Google prompt, or security key for extra security.</strong></p></blockquote><p></p>
[QUOTE="Greenhost, post: 661, member: 20"] [B]How Hacker Can Empty Ur Bitcoin Wallet Using Ur Phone no & Email Security of SMS-based two-factor authentication has been long-debated. Despite flaws in Signalling System No. 7 (SS7), which is an internationally used telecom protocol to route texts and calls, it continues to be used at a large scale in banking and other services. The security researchers Positive Technologies have shown how a bitcoin wallet can be hacked using SS7 vulnerabilities. By getting their hands on SS7 network, the hackers were able to reset the Gmail passwords using SMS-based two-factor authentication. A big flaw in SMS-based 2FA is that the one-time password can be accessed on a variety of devices and services, which might have their own flaws. Thus, the attack surface increases. On the other hand, the true 2FA, which is like a push notification popup, sends the verification prompt to one device. In a video posted by the researchers, which is embedded below, it’s shown how easy it is to carry out the attack. By intercepting the text messages in transit, the hackers can take control of your Gmail account and any other service associated with it. Not just cryptocurrency wallets, this flaw puts your banking and social media accounts at risk. “This hack would work for any resource – real currency or virtual currency – that uses SMS for password recovery,” the researchers told Forbes. Getting access to the SS7 network is the biggest barrier one needs to cross. The cybercriminals can buy the access on the dark web. In the past, at least at one occasion, SS7 was used to empty bank accounts. According to Forbes, many surveillance companies are also selling services to spy using SS7 flaw. What should the user do? As stressed earlier, SS7 flaw has been known to the telecom industry from a long time. So, unless they don’t take steps to make it more secure, the users need to take steps on their own. You can use tools like Google Authenticator, Google prompt, or security key for extra security.[/B] [/QUOTE]
Name
Verification
Post reply
Home
Forums
CARDING & HACKING
CRYPTOCURRENCIES
How hacker can access your bitcoin wallet
Top