$16 attack let hacker intercept a T-Mobile user’s text messages

A hacker sitting in front of two computer screens and holding a smartphone.

Enlarge (credit: Getty Images | Milan_Jovic)

In a new article titled "A Hacker Got All My Texts for $16," Vice reporter Joseph Cox detailed how the white-hat hacker—an employee at a security vendor—was able to redirect all of his text messages and then break into online accounts that rely on texts for authentication.

This wasn't a SIM swap scam, in which "hackers trick or bribe telecom employees to port a target's phone number to their own SIM card," Cox wrote. "Instead, the hacker used a service by a company called Sakari, which helps businesses do SMS marketing and mass messaging, to reroute my messages to him."

This method tricked T-Mobile into redirecting Cox's text messages in a way that might not have been readily apparent to an unsuspecting user. "Unlike SIM jacking, where a victim loses cell service entirely, my phone seemed normal," Cox wrote. "Except I never received the messages intended for me, but he did."

Read 11 remaining paragraphs | Comments



https://ift.tt/38LLarb

Comments