I've read the following article about SS7 attack: https://berlin.ccc.de/~tobias/31c3-ss7-locate-track-manipulate.pdf
I have some questions about this kind of attack:
- Is SS7 attack can be done through regular home ISDN connection ? (not requiring to be done from within network operator device )
As I understand from article, SS7 attack manage to find IMSI, location (cell location and accurate GPS location) , but:
Although there is this published well article, there is no demonstration or explanation how to enter ss7 network in the first place. How is it done?
There is verint's skylock product which use ss7 attack. https://assets.documentcloud.org/documents/1275167/skylock-product-description-2013.pdf The interesting part is that it is said that it can be done from anywhere in the world becuase of their device are spread. "Worldwide SS7 Hubs: SkyLock global infrastructure consists of SS7 hubs which are spread in various locations around the world. " can anyone explain this ? There is also similar product https://www.thespyphone.com/geolocation-and-surveillance-of-any-phone-worldwide/ what is it actually? How these products get into ss7 ? How can such products be legal?