|
by Ice Cream Jonsey 03/15/2021, 2:18pm PDT |
|
|
|
|
|
https://yro.slashdot.org/story/21/03/15/1950245/a-hacker-got-all-my-texts-for-16
I hadn't been SIM swapped, where hackers trick or bribe telecom employees to port a target's phone number to their own SIM card. Instead, the hacker used a service by a company called Sakari, which helps businesses do SMS marketing and mass messaging, to reroute my messages to him. This overlooked attack vector shows not only how unregulated commercial SMS tools are but also how there are gaping holes in our telecommunications infrastructure, with a hacker sometimes just having to pinky swear they have the consent of the target.
"I used a prepaid card to buy their $16 per month plan and then after that was done it let me steal numbers just by filling out LOA info with fake info," said Lucky225, the pseudonymous hacker who carried out the attack, referring to a Letter of Authorization, a document saying that the signer has authority to switch telephone numbers.
ICJ |
|
|
|
|
|
|
|
I hate a lot of implementations of MFA by Ice Cream Jonsey 04/28/2019, 8:54am PDT
SMS isn't MFA and can be intercepted. It's just a webshit doing the laziest. NT by The Happiness Engine 04/29/2019, 3:50pm PDT
Some people keep a burner phone with a secret number just for this. by Blackwater 05/01/2019, 6:48pm PDT
MFA is a mess, continued by Ice Cream Jonsey 05/14/2019, 7:36am PDT
Did you see this post on slashdot? by Dan Driedelberg 05/19/2019, 8:42pm PDT
The saddest thing is that we actually have the tech to make 2FA work for real by blackwater 05/22/2019, 8:31am PDT
Tell me more about this Yubikey. Sell me on it. NT by Jack Bauer 05/22/2019, 8:53pm PDT
basically it is a physical thing you carry it around that unlocks stuff by Blackwater 05/22/2019, 10:14pm PDT
My bank's awful "MFA" stuff by Ice Cream Jonsey 09/21/2019, 9:29am PDT
In theory, the "spirit animal" stuff does make sense by blackwater 09/21/2019, 3:00pm PDT
It kind of locks them into always having to display it though by - 09/21/2019, 4:01pm PDT
Mine was a tiger! RAWRR!! NT by pinback 09/21/2019, 5:15pm PDT
Lookin' good, MFA by Ice Cream Jonsey 03/15/2021, 2:18pm PDT
Re: I hate a lot of implementations of MFA by Ice Cream Jonsey 11/20/2022, 12:18pm PST
|
|