In this case, the attacker cracked and hijacked the 2FA system SMS verification code, the German bank’s online banking users in the transaction before the need to send SMS verification code by mobile operators to confirm. This provides hackers with the SS7 vulnerability to provide space, hackers first to the victim computer to send spam into the malware, collecting bank account balance, login information, account password and mobile phone number and other information. And then they purchased a rogue telecom transceiver system platform that could exploit the SS7 protocol vulnerability to intercept the victim’s number and redirect the data information to the attacker’s handheld device. Usually, at midnight, the offender uses the collected victim information to initiate the transaction and confirm the transaction with the intercepted SMS verification code to complete the theft.
The first large-scale use of SS7 loopholes to steal bank account event outbreak, or will promote more European and American communications operators as soon as possible to deploy repair SS7 protocol vulnerabilities.