Hackers are able to steal 2FA SMS messages by exploiting SS7. As far as my understanding goes, this means gaining access to the SS7 system and then broadcasting a message akin to "This number is roaming on my network, send me all their SMS messages!"
Would this work for a Google Voice number? If my understanding above is correct, Google knows it'll be sending the SMS to the Google Voice app and not to some other network, so I would guess it might be immune to SS7 exploitation. Or does the hacker only need to say the number is roaming to whoever is generating the SMS message?
I'm aware of the other downsides to using Google Voice as a second factor for 2FA, and am mitigating them by using an alternate Google account for which I have a strong, separate password that I only ever enter when logging into the app on my mobile device, and nowhere else, ever. I trust Google's security a hell of a lot more than the TelCo's. This way customer service won't give out my info or re-route the number just because someone knows my mother's name. I personally view keylogger attacks as unlikely on an non-jailbroken iPhone, and I hope I might be at least a bit more protected from atrocious SS7 holes.
Please don't respond to this telling me to use Google Authenticator or a hardware key - This is not in the scope of my question and I already do so where possible.