Research by cybersecurity experts at SOS Intel suggests that most SS7 exploitation services offered on darknet markets are fake, leaving the buyer with nothing but a smaller crypto balance. The researchers combed for mentions of such services across the dark web, finding a total of 57 URLs, of which only 4 were functioning markets.
Of the four functioning markets, one was offline within a week, the second used images and video clips from a 2016 YouTube video, the third was a clone of the second, and the fourth was DarkFox Market, the biggest supposed provider of SS7-related services. DarkFox, which exceeds the traffic and popularity of the other three sites by a wide margin, lists such services at an average of $180, though demo video content attached to the listings is also stolen from YouTube.
SS7 is short for Signaling System No. 7, a protocol for telecommunications developed in 1975. Among the functionalities of which the protocol enables are prepaid billing, Short Message Service (SMS), number translation and mass market services. Known hacks that have exploited shortcomings in software built around this protocol include the ability to listen in on calls, read private messages, and track the location of a victim.
According to SOS Intel, there are a few ways in which messaging services like Telegram and WhatsApp can be hacked; most revolve around the hacker’s use of a “fake MSC,” or Mobile Switching Center, which serves as a directory for mobile numbers. In these cases, real MSC operators unknowingly transmit data to fake ones, allowing an attacker to intercept crucial communications, such as private conversations and OTP (one-time password) codes used for login authentication purposes.
GIPHY App Key not set. Please check settings