The currency exchange is a tasty morsel for hackers and intruders of all kinds.

We recently wrote about the fact that the crypto-exchange exchanges underwent a series of phishing attacks. In addition to this hacking method, attackers actively use social engineering tools. But the white hackers from Positive Technologies managed to simplify the scheme, they decided not to contact the call center, convincing the operator, they are the true owners of the account, and instead use SS7 - a system of service protocols actively used in telecommunications.

After hacking, this system can be used to intercept SMS messages used to verify the identity of the user (this is called two-factor authentication or 2FA). Currency Exchange Coinbase is one of the most popular sites in this niche and it (or rather your account there) is easy to crack using this scheme, as evidenced by the video:.

Everything comes down to a few simple steps:.

Attempted authorization in Gmail 2. Password reset after SMS interception, 3.

Changing the password for Coinbase - and the money is gone The scheme seems simple, but in order to use it you need to have at your disposal the phone number of the victim, know his name and surname.

This means that although initially the system of two-factor authentication (2FA) was considered a good security measure, it is not as secure as it is customary to think and if you use it, and most crypto-currency services insist on its use, then you need to be extremely cautious.