Most SS7 exploit service suppliers on dark website are scammers

The existence of Signaling Technique 7 (SS7) mobile telephony protocol vulnerabilities is something protection scientists warned about in 2016, and it only took a yr right before the initially assaults exploiting them have been noticed.

In the yrs that adopted, governments exploited SS7 flaws to track folks abroad, and hackers made use of them to hijack Telegram and electronic mail accounts.

Apart from SMS, the SS7 safety gaps can be exploited to intercept or forward phone calls, 2FA codes, locate devices, spoof SMS, and much more.

But are these hacking providers as considerable as rumored, or is the darkish website complete of scammers that are simply ready to snatch the income of aspiring spies?

An investigation on availability

Analysts at SOS Intelligence have searched the dim net for companies of SS7 exploitation expert services and discovered 84 exclusive onion domains boasting to offer them.

After narrowing down the outcomes to all those that appeared to be even now lively, they ended up with only the pursuing 4:

  • SS7 Exploiter
  • SS7 Online Exploiter
  • SS7 Hack
  • Dim Fox Current market
The Dark Fox Market website
The Dark Fox Market web page
Source: SOS Intelligence

All four assert to offer you SMS interception and spoofing, place monitoring, and simply call interception and redirection.

By examining the network topology facts for these sites, the scientists uncovered that some of them have been rather isolated, not owning lots of inbound one-way links.

This is not a very good indicator of the reliability and credibility of the web page and is ordinarily an indicator of recently established-up scamming platforms.

Additionally, the SS7 Hack website appears copied from a clearnet web site made in 2021, so it seems to be like a fraud.

On hoping to use its SS7 exploit package, hoping for the implementation of an API mirroring purpose, the researchers bought almost nothing as the services was offline.

Dark Fox Market service purchase page
Darkish Fox Current market assistance invest in site
Supply: SOS Intelligence

On the Darkish Fox Marketplace platform, which expenses $180 for just about every focused mobile phone variety, researchers discovered the identical demo movies uploaded by Russian end users on YouTube in 2016.

These had been most possible stolen from YouTube and had no relevance to the Dark Fox Current market system, which gives no working SS7 exploitation provider in any case.

Despite all that, by analyzing the furnished cryptocurrency wallets of these platforms, SOS Intelligence located that the scammers are earning substantial amounts of dollars.

Authentic SS7 exploit expert services hidden

The above does not signify that there are no SS7 exploitation companies on the dark web, but somewhat that the serious types are hidden powering membership-only hacking boards and marketplaces this kind of as Globe Industry.

As is generally the case on the darkish world-wide-web, the very first research effects that one particular can obtain on the “area” generally guide to ripoffs.

WorldMarket post offering SS7 exploit services
WorldMarket article featuring SS7 exploit companies
Resource: KELA

One would have to dig deeper to get the actual deal, but this under no circumstances eliminates the probabilities of nonetheless landing on the receiving finish of a rip-off.

Innovative danger actors have obtain to cellphone info by means of affiliations or their individual functions, so they really don’t will need to lookup for suppliers of SS7 exploit expert services.