• just_another_person@lemmy.world
    link
    fedilink
    arrow-up
    7
    arrow-down
    3
    ·
    edit-2
    2 months ago

    TLDW: they didn’t “hack” the actual phone, they just used someone who has unfettered access to SS7 to reroute/bridge a network deviceid and takeover for another registered device. It’s something governments do, not some random script kiddie.

    It’s kiiiinda babytown frolics if you have the money and connections already, but I guess this is informative for people who don’t know how it works by now. It’s like saying you “hacked” the car dealership by stealing the keys to a car and driving off with it. You just stole a car.

    https://www.eff.org/deeplinks/2024/07/eff-fcc-ss7-vulnerable-and-telecoms-must-acknowledge