Home > Cyber News > Metro Bank Victim of Sophisticated 2FA Attack That Exploits SS7

Metro Bank Victim of Sophisticated 2FA Attack That Exploits SS7

malware attacks image
Metro Bank has been in a cyberattack that targeted the codes sent via text messages to customers to verify transactions. In other words, the bank is a victim of a sophisticated 2FA bypass attack. The bypass was possible after the hackers infiltrated the text messaging protocol of a telecommunications company. The attack was discovered by Motherboard.

Highly Sophisticated 2FA SS7 Attack on Metro Bank

The hack involved remote tracking of phones and intercepting text messages, and it’s very likely that other banks were targeted as well. To carry out the attack, hackers were able to exploit security flaws in the SS7 protocol which coordinates the way telecommunication companies route calls and SMS messages globally.

At Metro Bank we take our customers’ security extremely seriously and have a comprehensive range of safeguards in place to help protect them against fraud. We have supported telecommunication companies and law enforcement authorities with an industry-wide investigation and understand that steps have been taken to resolve the issue.

None of the small number of affected customers has been through a financial loss due to the hack.

In relation to the exploited vulnerability, a National Cyber Security Centre spokesperson has said that they are “aware of a known telecommunications vulnerability being exploited to target bank accounts by intercepting SMS text messages used as 2-Factor Authentication (2FA)”.

Due to its sophistication, security researchers believe that the attack wasn’t performed by conventional cybercriminals. Furthermore, according to the UK’s national cyber arm the National Cyber Security Centre (NCSC), now the same SS7 flaw is being exploited on a rising scale.

The irony here is that the SS7 vulnerabilities are well-known and documented. The security flaw could be exploited massively in fraud campaigns and surveillance attacks on mobile devices. Such an attack was reported in May 2017, when SS7 was exploited by hackers in attacks designed to steal money from victims’ online bank accounts.

SS7 is a set of telephony signaling protocols developed in 1975, which is used to set up and tear down most of the world’s public switched telephone network telephone calls. It also performs number translation, local number portability, prepaid billing, SMS, and other mass market services.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

  1. Chris Baumgartner

    Check your article title. It should read SS7 not S77.

    1. Milena Dimitrova (Post author)

      Fixed! Thank you for noticing!


Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree