• Contact Us
  • Login
Upgrade
Tech News Hero
Advertisement
  • Home
  • News
  • Gadgets
  • Social
  • Gaming
  • Mobile
  • PC
  • Internet
  • Security
  • Apps
No Result
View All Result
  • Home
  • News
  • Gadgets
  • Social
  • Gaming
  • Mobile
  • PC
  • Internet
  • Security
  • Apps
No Result
View All Result
Tech News Hero
No Result
View All Result
Home Security

Academic research finds five US telcos vulnerable to SIM swapping attacks

by technewshero
January 12, 2020
in Security
0
Share on FacebookShare on Twitter
SIM card swapping

Image: Brett Jordan

A Princeton University academic study published yesterday found that five major US prepaid wireless carriers are vulnerable to SIM swapping attacks.

A SIM swap is when an attacker calls a mobile provider and tricks the telco’s staff into changing a victim’s phone number to an attacker-controlled SIM card.

This allows the attacker to reset passwords and gain access to sensitive online accounts, like email inboxes, e-banking portals, or cryptocurrency trading systems.

All last year, Princeton academics spent their time testing five major US telco providers to see if they could trick call center employees into changing a user’s phone number to another SIM without providing proper credentials.

According to the research team, AT&T, T-Mobile, Tracfone, US Mobile, and Verizon Wireless were found to be using vulnerable procedures with their customer support centers, procedures that attackers could use to conduct SIM swapping attacks.

In addition, the research team also looked at 140 online services and websites and analyzed on which of these attackers could employ a SIM swap to hijack a user’s account. According to the research team, 17 of the 140 websites were found to be vulnerable.

US telco research

For the part of their research that targeted US telcos, the research team said it created 50 prepaid accounts, 10 with each carrier. For each account, the research team used the 50 SIM cards on a unique phone, and for real calls, in order to create a realistic call history.

When the time came, the research team called each telco’s customer support center and applied a similar procedure.

sim-swapping-telcos.png

Image: Lee et al.

The idea was that the attacker calls a telco’s support center to request a SIM card change, but intentionally provides a wrong PIN and account owner details.

“When providing incorrect answers to personal questions such as date of birth or billing ZIP code, [research assistants] would explain that they had been careless at signup, possibly having provided incorrect information, and could not recall the information they had used,” researchers said, explaining the motives they provided to call center staff.

At this point, after failing the first two authentication mechanisms (PIN and account owner details), telco call center operators are required, based on their procedures, to move to a third mechanism during which they ask the account owner to provide details about the last two recently made calls.

The research team says that an attacker could trick a victim into placing calls to specific numbers. For example, a scenario of “you won a prize; call here; sorry, wrong number; call here instead.”

After the attacker has tricked the SIM card owner into placing those two calls, they can use these details to call the telco’s call center and carry out a SIM swap.

Princeton researchers said they were able to trick all five US prepaid wireless carriers using this scenario.

When they published their research yesterday, four providers were still using the vulnerable procedure, despite the research team notifying all the affected parties. Of the five, T-Mobile told the research team they discontinued the use of call logs for customer authentication after reviewing their research.

Online service research

But the Princeton researchers also took their study one step further. For the following stage of their research, they wanted to see what they could do once they carried out a SIM swapping attack.

For this, they analyzed the login and multi-factor authentication (MFA) procedures employed by 140 of the most popular online sites and services, ranging from social media networks to email providers, and from cryptocurrency trading sites to enterprise solutions.

They found that on 17 sites, once you managed to hijack a user’s phone number via a SIM swap, you could reset the account’s password and gain full access to the victim’s online profile, with no other security system in place to authenticate the user.

In other words, the account recovery process for these 17 sites relied solely on an SMS-based mechanism. Once an attacker compromised a victim’s phone number, the password could be reset without having to control the user’s email or provide any other user secret (password reset questions, date of birth, etc.).

The full results for the analysis of the 140 websites is available here. The research team redacted the names of the 17 vulnerable services from their research in order to prevent SIM swappers from focusing on those sites for future attacks.

Additional details are provided in a white paper named “An Empirical Study of Wireless Carrier Authentication for SIM Swaps.”

Previous Post

How to watch Titans vs Ravens: live stream NFL playoffs football from anywhere tonight

Next Post

Instagram Gets New SloMo, Echo, and Duo Filters for Boomberang

technewshero

technewshero

Related Posts

2020 Shows the Danger of a Decapitated Cyber Regime
Security

2020 Shows the Danger of a Decapitated Cyber Regime

by technewshero
January 13, 2021
A ‘Bulletproof’ Criminal VPN Was Taken Down in a Global Sting
Security

A ‘Bulletproof’ Criminal VPN Was Taken Down in a Global Sting

by technewshero
January 14, 2021
The Worst Hacks of 2020, a Surreal Pandemic Year
Security

The Worst Hacks of 2020, a Surreal Pandemic Year

by technewshero
January 15, 2021
Security

How Your Digital Trails Wind Up in the Police’s Hands

by technewshero
December 31, 2020
How to Understand the Russia Hack Fallout
Security

How to Understand the Russia Hack Fallout

by technewshero
December 22, 2020
Next Post

Instagram Gets New SloMo, Echo, and Duo Filters for Boomberang

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Most Popular

How Covid-19 Contact Tracing Works on Your Phone

How Covid-19 Contact Tracing Works on Your Phone

December 15, 2020
Amazon teams up with Apple to offer Macs through cloud computing

Amazon teams up with Apple to offer Macs through cloud computing

January 13, 2021
Sunshine Contacts may have given out your home address, even if you’re not using the app – TechNewHero

Sunshine Contacts may have given out your home address, even if you’re not using the app – TechNewHero

December 13, 2020

Browse by Category

  • Apps
  • Gadgets
  • Gaming
  • Internet
  • Mobile
  • News
  • PC & Laptops
  • Security
  • Social
Tech News Hero

© 2020 Tech News Hero.

No Result
View All Result
  • Home
  • Landing Page
  • Buy JNews
  • Support Forum
  • Contact Us

© 2020 Tech News Hero.

Welcome Back!

Login to your account below

Forgotten Password?

Create New Account!

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?