Tips:
-Turn off call forwarding to make an attacker’s access to your data impossible;
-Give up 2FA via SMS when the password is sent in the text, and use a two-factor identification software solution.
Many users choose to use mobile authentication because they are used to doing it, and the smartphone is always on hand. Positive Technologies, a company that specializes in cybersecurity, has demonstrated how easy it is to intercept an SMS with a password confirmation, transmitted practically worldwide by the Signaling System 7 (SS7) protocol.
Specialists were able to hijack the text messages using their own research tool, which exploits weaknesses in the cellular network to intercept text messages in transit. A demonstration was carried out using the example of Coinbase accounts, which shocked the users of the exchange. At a glance, this looks like a Coinbase vulnerability, but the real weakness is in the cellular system itself, Positive Technologies stated. This proved that any system can be accessed directly via SMS, even if 2FA is used.
Impenetrable Crypto Wallet : private keys never stored , anywhere , at any given time . The Private Key (PK) is safely generated by you , known only to you , and can be accessed only by you .
The Device generating the PK, is not storing at any given time the PK generated . It is generated by you , on the spot , with a passphrase , when needed , for just a few milliseconds , just to sign in the transaction and then disappear permanently from the device .
Comentarios