For years, experts have cautioned of vulnerabilities in the network that routes phone calls and cellular service but those attacks may be more widespread than anyone comprehended. For more than a year, a Tor Hidden Service has been offering ongoing access to telecom’s private SS7 network for as little as $500 a month.
A man who was arrested for allegedly providing telecommunication services by intercepted more than 7 000 calls from China and receiving them as local calls, has been as been granted $50 bail and remanded to July 27 pending further investigations.
Talent Muguta, a 26 year old man from Chitungwiza,alleged of providing telecommunication services to people from China while operating an internet café along George Silundika Avenue.
It is alleged between May 19 and 23 this year, provided telecommunication services to people from China who intended to call Econet subscribers. It is also alleged Muguta used sophisticated software which allowed him to accept calls from China on Tel-One lines, which he converted to local calls before forwarding them to Econet subscribers.
According to the State, the accused was arrested after Econet suspected the volume of incoming traffic was not tallying with the expected revenue and notified them.7 000 calls were received from China and Econet was paid 6 cent per minute of which they should have been paid 50 cents per call.
Muguta allegedly converted international calls to local calls, thereby causing a $1 150 prejudice to Econet Wireless Zimbabwe.
The Police have since recovered the alleged equipment which Muguta using to commit the offence.
Most of the vulnerabilities in the SS7 have been known for years, although little has been done to fix them. In 2014, Karsten Nohl first demonstrated how the SS7 system could be used to track a user’s physical location, and subsequent work showed how bad actors on the network could intercept texts and redirect calls. Those attacks could break two-factor authentication, intercepting an SMS or audio call sent through the compromised network.
