An SS7 attack is an exploit that takes advantage of a weakness in the design of SS7 (Signalling System 7) to enable data theft, eavesdropping, text interception and location tracking
While the SS7 network is fundamental to cellphones and its operators, the security of the design relied entirely on trust. The SS7 network operators counted on one another to play by the rules. Now, with operators opening the SS7 network to offer third-party access as a commercial offering, vulnerabilities are being exposed and attacked. Service provider cooperation with government agencies enabled state surveillance; the newly opened network and greater exposure enable access by agencies in other nations and individual hackers.
In 2014, security researchers in Germany demonstrated that attackers could exploit security holes in SS7 to track cell phone users' movements and communications and eavesdrop on conversations. The attack in question is essentially a man-in-the-middle attack on cell phone communications that, among other things, exploits the lack of authentication in the communication protocols that run on top of SS7.interception and location tracking
ss7 Attack tutorial Download