Cryptocurrencies like Bitcoin make a big deal of their security; theoretically, they are almost impossible to hack. Every transaction is stored in a ‘digital ledger’, shared across multiple machines; an attacker would need to compromise every computer in the chain to successfully hack the system. However, the digital wallets that hold these currencies cannot boast the same security.
Cyber security firm Positive Technologies has demonstrated a successful hack on a digital wallet using SS7 security flaws. SS7 is shorthand for Security System No. 7, a set of telephony signalling protocols developed in the ‘70s and used across many telephone services, including SMS messages.
With knowledge of just the first name, last name and phone number of a Coinbase (a large Bitcoin exchange) user, Positive Technologies was able to intercept SMS messages with one-time passwords and use this to learn the email address linked to the (test) wallet. This was used to gain control over the wallet itself and withdraw currency.
SS7 attacks can be launched ‘from anywhere’, says Positive Technologies. It has been monitoring vulnerabilities in the system for some time, recently highlighting the first such attacks in Germany. In that case, criminals intercepted text messages with online banking authentication codes sent to Telefonica Germany (O2) customers, and use them to carry out illegal transactions.
“We work in close coordination with telecom operators to discover threats before hackers do, in order to protect subscribers,” said Dmitry Kurbatov, head of the telecommunications security department at Positive Technologies. “Exploiting SS7-specific features is one of several existing ways to intercept SMS. Unfortunately, it is still impossible to opt out of using SMS for sending one-time passwords; it is the most universal and convenient two-factor authentication technology. All telecom operators should analyse vulnerabilities and systematically improve the subscriber security level.”