WhatsApp and Telegram, both the messaging services that claim to offer end-to-end encryption for chats, can witness hackers logging into user chats and even replying on their behalf, according to a new research. The vulnerability mainly stems from the Signaling System 7 (SS7), which is an international telecommunications standard that states how network elements exchange information over a signalling network.
The report brought by Positive Technologies states that this SS7-based vulnerability might allow intruders with just basic skills perform dangerous attacks, some of which may even lead to financial loss, confidential data leaks or even disruption of services. As for chat applications like WhatsApp, Viber, Telegram, Facebook and others, SMS authentication is used as the primary security verification mechanism, which is also routed through SS7 signalling, thus allowing hackers to gain access. The potential hackers, in this case, can extract the identity of the legitimate user and as a result impersonate them virtually. For the full article click here
from hacker samurai http://ift.tt/1WnfqOa
via IFTTT
No comments:
Post a Comment