This is how you are getting hacked (Organized)
I talked about this on stemmit, but it was early days. Not much security professionals was there. I want to make you aware of how things are done, using the method of hacking that was performed and forensically analyzed and examined to details.
What's important to understand, is that this affects almost any user, with almost any service.
Let's go. Scenario:
- We have a company Bad Guy ltd.
- Bad Guy ltd is a mobile operator, specialized in delivery of SMS and Voice Pin Codes.
- Bad Guy ltd sells this service to Google, Facebook, LinkedIN etc among others. (yes, banks too).
- All these companies uses "API" calls towards Bad Guy ltd to deliver these codes.
- You can use your phone to reset password on many of such services.
Attack Flow:
- Bad Guy ltd only needs your phone number.
- Bad Guy ltd dumps the price of code delivery towards your operator, to a level where they are not making profit, or losing.
- other "guys" on the market that competes in same services direct all the traffic via least cost route - Bad Guy ltd.
- Bad Guy ltd is sure to get your password reset code.
- Bad Guy ltd initiate the reset, intercepts the message and reset your password.
- You have no clue, as message never arrived.
The "BIG" moment of F**k up...
- Bad Guy ltd forgot to use proxy, and do that from the company network, RIPE range allocated for office use :)
Here we go:
1: I changed my password from US?..Nope...let's see
2: Look, someone is logged in to my account from Bad Guy ltd office :)
**At this point, you should check the service offered by Bad Guy ltd
3: This is because traffic is not encrypted:
4: And because it can be decoded:
5: And now let's look into how "Bad Guy ltd" might be covering tracks:
Because of single digit that belongs to "bad guy", most likely operators are going to simply ignore it, short down, and say it's O2
**This is one and only case of such "crazy" prefix allocation ever happened in the whole world.
Conclusion:
- The vector is very lucrative as it can be targeted.
Bad Guy ltd can hack anyone, possibly sell that on the blackmarket, make losses on the "valid side of the business", pay no taxes at all since they are not making profit, and make enormous profits by executing targeting attacks on the blackmarket, government agencies or anything similar. Tax free money!
Well, busted...in the blockchain.
Smart? No. Just Evil. It might look smart, but that's because normal person would never think in that direction.
Strawberry on top?
This post has been upvoted for free by @microbot with 0.1%!
Get better upvotes by bidding on me.
Thanks for the enlightenment. I admire the analogy you used, it just became clearer. If I may ask, how do I need up security measures on my devices to avoid been hacked. I'm awaiting your response.
Hmm...with spectre, meltdown and probably a 'commercial' services such as this one, I'm afraid there's not much you can do if someone decide you are a target. My best answer is "I don't know", and i think same about securing my own computers / networks.
Setting up good honeytraps worked good for me. If I can't prevent being hacked, at least I am going to know I am hacked, and act crazy, while I examine what hacker is doing. At the end, I know more about him then he about me, as he get's what I serve him with.