Phone network hackers could steal your messages

We may have been wrong.

WhatsApp and a similar mobile encrypted-messaging service, Telegram, both use SMS (text) messages to verify user identities. And, as Positive Technologies, a Moscow-based security firm, said in a blog post today (May 6), SMS messages could be redirected by someone with privileged access to Signaling System No. 7 (SS7), the protocols that let telecommunications companies around the world direct calls or SMS messages to any landline or cellphone.

Comment: And you can bet that this exact thing has been happening for quite a long time. And along similar lines, this sort of puts a damper on various government claims that “terrorists use encrypted messaging like WhatsApp to make plans” … as if they didn’t know this gaping hole in mobile network security exists.

That means that if a hacker got into the SMS-addressing functions of SS7, he or she might be able to register a new device to your existing WhatsApp or Telegram account without you knowing it.

With a duplicate account, the attacker would be able to not only read all the encrypted messages you send and receive using WhatsApp and Telegram, but send messages as well. Your WhatsApp and Telegram contacts would have no idea it’s not you. For the full article click here 

from hacker samurai http://ift.tt/24AwvIW
via IFTTT