Can an attacker intercept my mobile traffic exploiting the ss7 vulnerability even if encrypted?
Asked
Active
Viewed 121 times
0
-
On its own, no, there's no magic "disable encryption on mobile connection", but SS7 is usually popular for intercepting 2FA or social engineering attack. So if the user/service provider is vulnerable to it, the attacker can have a new valid certificate for user's website or register their device for user's messaging app even if it's encrypted – Martheen Feb 15 '21 at 03:15
-
Attacker needs access to network operator to exploit SS7. Although SS7 has been deprecated in LTE, legacy support still exists when the device fallsback to 3G & 2G. – defalt Feb 15 '21 at 09:29
-
@Martheen what encryption are you talking about ? You TCP encryption or GSM encryption ? – BiosRootKit Feb 15 '21 at 22:04
-
@defalt as I know geolocalization is still working on some country in europe – BiosRootKit Feb 15 '21 at 22:05
-
1TLS, SSH, app-level E2EE, those aren't affected. If you only have GSM encryption protecting you, you're effectively sending unencrypted traffic to the public internet anyway. – Martheen Feb 16 '21 at 03:47
-
@Martheen but in my main question I have written that I'm not talking about encryption. My question concern only the traffic. I mean, can an attacker intercept the traffic ? I'm sorry my English is very bad. But I mean if an attacker can intercept traffic. I'm NOT interested if it's encrypted or not. – BiosRootKit Feb 16 '21 at 14:21
-
1What's the point of intercepting if they can't read it anyway? – Martheen Feb 16 '21 at 20:46
-
@Martheen the you can have an idea of the browser of the target watchend dns resolving. Isn'it ? – BiosRootKit Feb 16 '21 at 22:48
-
Chromium-based browser upgrades to DoH automatically if the OS is set to use supported providers, Firefox too on the US and encourage user elsewhere to use their built-in list. – Martheen Feb 16 '21 at 22:52