Threat Intelligence
March 1, 2019

Exploiting SS7 to intercept text messages

No items found.
Contributors
Share

When did you last use SMS for two-factor authentication (2FA)? Maybe you used it to log in to your email or social media accounts, or to access online banking? It's become an accepted part of life in the digital age, and yet a number of recent high-impact breaches were down to attackers intercepting 2FA SMS messages. By exploiting inherently insecure Signalling System No. 7 (SS7) networks, attackers can intercept and divert texts sent as 2FA. In some cases, these text messages contain codes used to authorise bank transfers, meaning interception could spell financial disaster for the victim.

 

Get hands on with the SS7 exploitation in our lab

 

Our expert content team have built a lab which takes you through a simulated SS7 network exploitation to intercept a 2FA SMS and transfer (imaginary!) funds to a bank account. Check out Matt Parven, our Principal Content Engineer, on why understanding -- and experiencing -- this exploitation is important for both red and blue teams.

Immersive Labs Intercepting Text Messages

 

 

 

Trusted by top
companies worldwide

Customer
Insights

The speed at which Immersive produces technical content is hugely impressive, and this turnaround has helped get our teams ahead of the curve, giving them hands-on experience with serious vulnerabilities, in a secure environment, as soon as they emerge.
TJ Campana
Head of Global Cybersecurity
Operations, HSBC

Ready to Get Started?
Get a Live Demo.

Simply complete the form to schedule time with an expert that works best for your calendar.