Telegram and WhatsApp are both known for their security and end-to-end encryption and latest forward way secrecy techniques which secure end user data in a good manner. All these security features still doesn’t stop hackers from Hacking into WhatsApp or Telegram using a very known and old exploit of Signaling System 7 (SS7) . Let me break it here that there is no SS7 Hack Software , its a flaw in SS7 which can be used to exploit and literally Hack Facebook ,WhatsApp,Telegram,Twitter using SS7 (Signaling System 7) . Literally any service which might use a SMS or Call verification can be hacked
SS7 Hack Demo -Hacking WhatsApp / Telegram
YouTube has removed the demo video showing SS7 exploit in action with This Warning Message.
How the Hack is executed ?
Above demonstrated hack DOES NOT break WhatsApp and Telegram Encryption rather it exploits the weakness of SS7. This is done by tricking the cellular network into believing that the Attacker’s phone has the same number as the target’s. From there, the attacker would create a new WhatsApp or Telegram account and receive the secret code that authenticates their phone as the legitimate account holder. Keep in mind this technique would literally work on any Network and any Online Messaging Service , once you spoof the number you can pretty much do everything.
Will SS7 Vulnerability get Fixed ?
SS7 is a global network and not owned by any particular company, nor it can be rapidly patched through out the world. It’s a mess, and it’ll remain that way until someone, or a group, is appointed to govern and maintain it, which is very unlikely to happen
Until then, Hackers will Enjoy .
Another theory hints that intelligence agencies are the real cause between the vulnerability and Cellular networks ability to fix it. Having a weakness to spoof and clone every phone on the planet is a very eye candy option for all Intelligence Agencies which would not think for a second before invading our privacy.
Download MAPS and SS7 Protocol Simulator
- Open GL.com and register for a Free Account
- Activate your account by clicking the Email received.
- Once account activated visit This Link
- Download MAPS™ SS7 Protocol Emulator and MAPS™ SS7 SIGTRAN
- Read this Query for Open Source SS7