Watch: Researchers exploit SMS two-factor authentication to steal Bitcoins

Smart Android And Trik-Commenting on Andorid indeed never endless, because smart devices this one is often updated every certain amount of time. So that the market can always be garapnya menerinya with pleasure. And it is not denied if this device has become the lifestyle of each society. To not wonder if the 6th business information and many are turning to mobail smartphone. With Android which thoroughly dominated the mobile industry, choosing the best Android smartphone is almost identical to choose the best smartphone, period. But while Android phones have few real opponents on other platforms, internal competition is intense.

From the sleek devices impress with the design premium, up to a full plant furniture features, to a very good device, and affordable mobile phone has a heavy weight, the Android ecosystem inhabited by a diverse range of attractive mobile phone Watch: Researchers exploit SMS two-factor authentication to steal Bitcoins Watch: Researchers exploit SMS two-factor authentication to steal Bitcoins,But "oversize" are subjective, and sometimes pieces of the specification and a list of features is not enough to get an idea of how good a phone. In this roundup, we look at the absolute best-the Android phone you can't go wrong with. The habits of young people or to accentuate trand blindly lifestyle, make this a medoroang this clever device industry vying to do modifications to the device, with a distinctly vitur vitur-tercanggihnya. So it can be received over the counter Watch: Researchers exploit SMS two-factor authentication to steal Bitcoins

In theory, two-factor authentication (2FA) is an excellent method to keep your accounts secure. The problem with this security method, however, is that it typically relies on text messaging to send you a code which you then enter to unlock your account. While this seems fine on the surface, there are big problems with the underlying network that delivers the code to your phone.

See also:

The Equifax hack, and how to protect yourself from identity theft

The Equifax hack, and how to protect yourself from identity theft

2 weeks ago

Signaling System No. 7 or SS7 is the protocol system pretty much every telecom in the world uses to manage calls and messages. If a hacker breaches that network, they can intercept 2FA codes sent to your phone number. A security research firm posted a video (above) where they carry out just such an attack.

Using a research tool, Positive Technologies was able to capture all messaging going to a number for

five minutes. That allowed the researchers to reset the password for both a Coinbase account and the Gmail account associated with it, both with two-factor authentication enabled. If a hacker were to do this to you, you can kiss your Bitcoins goodbye.

The scariest part might be that Positive Technologies is using commonly known flaws in the system. SS7 has been around since 1975, so there's been plenty of time to poke holes in it. While access is supposed to be restricted to telecoms only, there are a number of hijacking services currently available for purchase. Even if no third-party exploits are currently available, researchers say that hackers may just attack the network itself.

It's much easier and cheaper to get direct access to the SS7 interconnection network and then craft specific SS7 messages, instead of trying to find a ready-to-use SS7 hijack service(…)

Even though the vast majority of companies use SMS for two-factor authentication, some are moving beyond that. Companies like Google offer app-based authentication that completely bypasses the SMS protocol. You can download Google Authenticator now and after setting it up, remove your phone number as your second step in your two-factor authentication settings. This ensures that even if hackers do use this method to intercept your messages, there won't be anything 2FA-related to intercept.

from Android Authority http://ift.tt/2jGWPAq
via IFTTT

Tweet

Subscribe to receive free email updates: