in

This is probably how so many attackers got around 2FA.

[**https://arstechnica.com/information-technology/2021/03/16-attack-let-hacker-intercept-a-t-mobile-users-text-messages/**](https://arstechnica.com/information-technology/2021/03/16-attack-let-hacker-intercept-a-t-mobile-users-text-messages/)

This is why you should stay anonymous and not share any data with anyone. If this service was available to do this, relatively anonymously, I can imagine there are many other services that could do the same as well. Sort of shady on part of the phone companies to have such an easy exploit as well.



View Reddit by Colmado_BacanoView Source

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

GIPHY App Key not set. Please check settings

9 Comments

  1. 2fa is a broad term, lots of things could be 2 factor authentication. SMS is one of the worst and frankly should be banned as being a valid form of 2fa. Sim swaps are a serious threat and phone company employees can’t be trusted. This has been proven over and over again. I recently bought a hardware key and very interested in finding out how more secure it makes me feel.

  2. Response from the messaging service is a joke:

    >Sakari responded to Ars with a statement saying, “We’ve now closed this industry loophole at Sakari and other SMS providers and carriers should do the same. When you port a mobile phone number in the US, like a customer switching carriers for voice calls, the carrier you are leaving authorizes your number’s departure. There is no such industry standard for transferring ownership of messaging on mobile numbers. Sakari already goes above and beyond industry standards on verification for new clients and followed our carrier’s guidelines to the letter, but in light of this development we’ve now added a phone verification call to all new text-enabled numbers so no one can use Sakari to exploit this industry loophole again

    They go above and beyond for verification… and yet didn’t do the simplest verification possible?

    Guess this is a good reminder to be careful of what accounts you tie to your phone number.

Loading…

0

What do you think?

$1 invested in gold vs. Bitcoin over 11.4 years. Source: Woobull

Bitcoin Is Better Than Gold When Studied – Fund Manager To Mainstream Media – Cryptovibes.com – Daily Cryptocurrency and FX News

Bitcoin Sees Bullish Moves After Morgan Stanley Says Customers Can Buy BTC | CryptoGazette

Bitcoin Sees Bullish Moves After Morgan Stanley Says Customers Can Buy BTC | CryptoGazette