Although using strong passwords and additional security systems, not necessarily your Facebook account safe from hackers. The reason, according to a study, 1.26 percent in the world’s Facebook accounts vulnerable to hackers.
Some researchers proved, simply by utilizing a cell phone number, they can steal your Facebook account to exploit the network Signaling System 7 (SS7).
SS7 is a telecommunications protocol defined by ITU-T and is used by companies calls between offices using techniques common-channel signaling (CCS), which is used to separate the packet-switched network for signaling purposes. SS7 is also known as C7.
Through the SS7 network, hackers can forward calls and messages to their own devices. All they need is a phone number and some details of the device to perform
Even recently, they also can hijack accounts WhatsApp and Telegram with the same trick. On Facebook, the hacker attack through the link “Forgot account?” On the main page of Facebook.
When asked an email address or a phone number associated with your target account, the hacker gives a number of emails and mobile phone number they think is valid.
By shifting a text message containing a passcode to your PC or smartphone of their own, the hacker can log in to the victim’s account. The attack happened as it requires the user to register a phone number to Facebook.
In fact, every service that uses SMS to verify their account, allowing hackers to target customers.
Hackers have been exploiting weaknesses, and monitoring company has sold SS7 services for US $ 20 million to the intelligence services, while network operators seek to protect customers.
Forbes reported that British intelligence organizations Government Communications Headquarters (GCHQ) to help European operators improve their SS7 security, through the national technical authority for information assurance Communications-Electronics Security Group (CESG).
Vodafone and Telefonica today has increased its security system. Karsten Nohl, a security researcher is helping to protect the network of a mobile operator in order to prevent security problems associated with SS7.