Exploit SS7 to Redirect Phone Calls/SMS

An adversary could exploit signaling system vulnerabilities to redirect calls or text messages (SMS) to a phone number under the attacker's control. The adversary could then act as an adversary-in-the-middle to intercept or manipulate the communication. [1] [2] [3] [4] [5] Interception of SMS messages could enable adversaries to obtain authentication codes used for multi-factor authentication[6].

ID: T1449
Sub-techniques:  No sub-techniques
Tactic Type: Without Adversary Device Access
Tactic: Network Effects
Platforms: Android, iOS
Version: 1.2
Created: 25 October 2017
Last Modified: 28 July 2021
Provided by LAYER 8

Procedure Examples

ID Name Description
S0602 Circles

Circles can intercept voice calls and SMS messages.[7]


ID Mitigation Description
M1009 Encrypt Network Traffic

Use of end-to-end encryption of voice calls and text messages "provides another layer in the defense against potential information compromise by SS7 enabled eavesdropping."[5]

M1014 Interconnection Filtering


Network carriers may be able to use firewalls, Intrusion Detection Systems (IDS), or Intrusion Prevention Systems (IPS) to detect and/or block SS7 exploitation as described by the Communications, Security, Reliability, and Interoperability Council (CSRIC). [5] The CSRIC also suggests threat information sharing between telecommunications industry members.