@citizenlab Extra/ One clarification, the Unknown TON / Mexico City prefix is irrelevant as in this Simjacker version the exfiltrating data message goes to a specific, exfiltration SMSC GT. However this same TON and number was probably re-used from the more common handset generated attacks.
@citizenlab 3/ I can answer one speculation you had on the exfiltration number, you say this appears as Brazilian, but it's not, its TON is set to unknown (0x81). It's actually a Mexico City number, used by both landline and mobile. The Mexican network routes it like a national number
@citizenlab 5/ We have seen incidents where this message has been sent to targets which didn't have the S@T browser present. So keep in mind it's possible this is part of a set burst to try multiple methods to obtain location information. Otherwise, good job on the Simjacker/S@T decode!
@citizenlab 4/ Lastly, there is a question whether the use of the Simjacker vulnerability in this case would have actually worked. Most operators don't have SIM cards with the S@T Browser library deployed, and the landscape has changed further since the original research.
(7/x) But all societies will need to have defences in this area. More details in the report - https://t.co/iDwyM8LUQX . This is a rapid area - within last week the EU & China have both issued reports or guidelines on how telecom operators can detect UAVs. Expect this to continue
(1/x) Out this week - our new report: "Mobile Connected UAVs in Conflict" https://t.co/ET1gZ2FFUR . This is the first report to cover #mobilenetworks + combat drones. Ukraine's Operation #Spiderweb showed the potential of this connection, but was it a once-off, or a future trend?
(6/x) Ukraine is also grappling how best to deal with the threat. Even yesterday, reports discuss changing SIM card sales and specific data disabling, due to Russian mobile controlled drones being dropped by 'mothership' drones behind Ukrainian lines https://t.co/S1IonZ0oSa
The 'wild west' of #SS7 security
Surveillance companies are increasingly using clever encoding to try to bypass signaling firewalls — here's new research showing how the latest attack works:
https://t.co/Gg0tZ0euL9
@EneaAB @josephfcox @rj_gallagher @campuscodi @lorenzofb
@h51un6 Thanks. I didn't mention LightBasin or the related GTPDoor due to lack of time.
GTPDoor in particular, using GTP-C, would have been in scope as part of recent understanding of the deeper 'layers' of core security & attacks
Could only fit in so much in 30 minutes & left a lot out!
Excited to announce that next week I'll be presenting the fascinating History of Signalling Security—from #SS7 to modern-day 5G challenges!
Join me @virusbtn as we dive into the last ten years of many scary headlines but little concrete facts.
Happy to have contributed to this mobile phone security episode with @veritasium. It's a great introduction to #ss7 and its security risks. Plus kudos to @yodresh for his work.
@shashj Different method but same principle of how niche or unusual comms equipment can lead to less security is in Ukraine. Recommendations are to use ordinary phones and SIMs, unusual/different or 'hardened' devices stand out and draw attention https://t.co/eQTNfTayGY
@drogersuk @GunshipGirl You could confirm it if you do manage to talk to this person, and get them to confirm what time/date they got a call from "you" + the spammer may have left a recorded message in that attack. That's if they would talk to you - sadly these attacks reduce the trust in telecom networks
@drogersuk @GunshipGirl What this most likely is, is that a spammer has spoofed your number to ring this 07 number. 07 never answered that call, but sees a missed call coming from the spammer using your number, and decides to ring you "back". 07 ringing you isn't part of the attack, it's a side-effect.