• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Cisco fixed critical ISE flaws allowing Root-level remote code execution

 | 

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

 | 

CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

 | 

Hackers deploy fake SonicWall VPN App to steal corporate credentials

 | 

Mainline Health Systems data breach impacted over 100,000 individuals

 | 

Disrupting the operations of cryptocurrency mining botnets

 | 

Prometei botnet activity has surged since March 2025

 | 

The U.S. House banned WhatsApp on government devices due to security concerns

 | 

Russia-linked APT28 use Signal chats to target Ukraine official with malware

 | 

China-linked APT Salt Typhoon targets Canadian Telecom companies

 | 

U.S. warns of incoming cyber threats following Iran airstrikes

 | 

McLaren Health Care data breach impacted over 743,000 people

 | 

American steel giant Nucor confirms data breach in May attack

 | 

The financial impact of Marks & Spencer and Co-op cyberattacks could reach £440M

 | 

Iran-Linked Threat Actors Cyber Fattah Leak Visitors and Athletes' Data from Saudi Games

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 50

 | 

Security Affairs newsletter Round 529 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Iran confirmed it shut down internet to protect the country against cyberattacks

 | 

Godfather Android trojan uses virtualization to hijack banking and crypto apps

 | 

Cloudflare blocked record-breaking 7.3 Tbps DDoS attack against a hosting provider

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Cyber Crime
  • Digital ID
  • Hacking
  • Intelligence
  • SS7 flaw allows hackers to spy on every conversation

SS7 flaw allows hackers to spy on every conversation

Pierluigi Paganini August 18, 2015

By Exploiting a flaw in the SS7 protocol hackers can access every conversation and text message mobile users send from everywhere in the world.

Hackers can spy on every mobile phone user wherever it is.

Channel Nine’s 60 Minutes has revealed the existence of a security hole in modern telecommunication systems that could be exploited by cyber criminals to listen in on phone conversations and read text messages.

The program explained that German hackers, who are based in Berlin, were able to intercept data and geo-track every mobile user by exploiting a flaw in the SS7 signalling system.

SS7 is a set of protocols used in telecommunications ever since the late 1970s, enabling smooth transportation of data without any breaches.

The security issue in the SS7 signalling system could be exploited by criminals, terrorists and intelligence agencies to spy on communications. The SS7 protocol allows cell phone carriers to collect location data related to the user’s device from cell phone towers and share it with other carriers, this means that exploiting the SS7 a carrier is able to discover the position of its customer everywhere he is.

“The flaws, to be reported at a hacker conference in Hamburg this month, are the latest evidence of widespread insecurity on SS7, the global network that allows the world’s cellular carriers to route calls, texts and other services to each other. Experts say it’s increasingly clear that SS7, first designed in the 1980s, is riddled with serious vulnerabilities that undermine the privacy of the world’s billions of cellular customers.

The flaws discovered by the German researchers are actually functions built into SS7 for other purposes – such as keeping calls connected as users speed down highways, switching from cell tower to cell tower – that hackers can repurpose for surveillance because of the lax security on the network.” reports The Washington Post.

In the hacking community is known the existence of several techniques that hackers and snoopers can make use of, in order to eavesdrop and intercept phone calls or written text messages. In December 2014, German researchers have placed the matter to the public for consideration at the Chaos Communication Hacker Congress, since there can be a great many problems emerging.

Carriers of mobile telephony spend large amounts of money towards expanding their network and securing the conditions of communication with 3G and high-end encryption. To quote Tobias Engel, one of the German researchers mentioned above,

“It’s like you secure the front door of the house, but the back door is wide open”.

One of the major incidents registered by NKRZI (which is the National Commission for the State Regulation of Communications and Informatization in Ukraine) involved Russian addresses back in April 2014.

The expert noticed that many Ukrainian holders of mobile phones have been affected by notorious SS7 packets that possibly derived from Russia. As a result, the mobile phone holders were intercepted of their address details and everything that was stored inside each phone. MTS Ukraine obviously participated in the interception, in relation to MTS Russia.

As a direct consequence of security breaches related to SS7 protocols of telecommunication, the eminent threat is none other than the surveillance taking place between different countries.

The system is being used by major Australian providers, this means that Aussies data could be exposed to hackers. Names, addresses, bank account details and medical data stolen due to a security vulnerability that could give hackers the access to their mobile devices.

“Everything about our lives is contained in the palm of our hand,'” reporter Ross Coulthart said. ‘Your sensitive, private data is opened for anyone to see. You could be bugged, tracked and hacked from anywhere in the world. It’s long been the dirty little secret of international espionage. What it means is that your smartphone is an open book.”

In the TV show, Mr Coulthart was speaking from Germany with the Independent senator Nick Xenophon who was located at the Parliament House in Canberra at the time of phone call.

With the support of the German hacker Luca Melette, Mr Coulthart demonstrated how to track its interlocutor by exploiting the security issue into the SS7.

SS7 hacking 2

“What if I could tell you senator, that it’s possible to listen in to any mobile phone from anywhere in the world – would you believe me?'” Mr Coulthart asked to Mr Xenophon while Melette was listening the conversation.

“I find it very hard to believe.” replied the incredulous Mr Xenophon.

Mr Coulhart then asked the senator for consent to record the phone call.

“But if you reckon they can pull it off, I give my consent but I find this incredibly hard to believe.” responded Mr Xenophon.

The reporter also anticipated to Mr Xenophon hat the hackers could intercept his text messages, but once again he skeptical immediately sent the following text message:

“Hi Ross, I don’t believe you!! Nick.”

The senator was shocked by the live demo provided by the reporter and the hacker.

“This is actually quite shocking because this affects every Australia,” Mr Xenophon said. “It means anyone with a mobile phone can be hacked, can be bugged – it’s just chilling. This is the end of anyone’s privacy as we know it.” ‘This is not about spies or terrorists and pollies – this is about every Australian that is vulnerable because their phones can be hacked.”

The attack scenario is worrying and open the door to massive surveillance activities, months ago the American Civil Liberties Union (ACLU) has also warned people against possible abuse of such vulnerabilities by Intelligence agencies and Law enforcement.

“Don’t use the telephone service provided by the phone company for voice. The voice channel they offer is not secure,” principle technologist Christopher Soghoian told Gizmodo. “If you want to make phone calls to loved ones or colleagues and you want them to be secure, use third-party tools. You can use FaceTime, which is built into any iPhone, or Signal, which you can download from the app store. These allow you to have secure communication on an insecure channel.”

Unfortunately, the vulnerabilities into SS7 protocol will continue to be present, even as cellular carriers upgrade to advanced 3G technology to avoid eavesdropping.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – SS7, hacking)

[adrotate banner=”13″]


facebook linkedin twitter

eavesdropping Hacking Intelligence mobile Russia SS7 surveillance Ukraine

you might also like

Pierluigi Paganini June 26, 2025
Cisco fixed critical ISE flaws allowing Root-level remote code execution
Read more
Pierluigi Paganini June 26, 2025
U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Cisco fixed critical ISE flaws allowing Root-level remote code execution

    Security / June 26, 2025

    U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

    Security / June 26, 2025

    CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

    Hacking / June 26, 2025

    Hackers deploy fake SonicWall VPN App to steal corporate credentials

    Hacking / June 25, 2025

    Mainline Health Systems data breach impacted over 100,000 individuals

    Data Breach / June 25, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT