Login Papers Register

Need an account to vote? Register to attend at gsec.hitb.org/sg2018/
Deadline is 30th June 2018!

<< previous next >>

Telecom Battlefield: How SS7 Trojans Bypass All Existing Security Features

Sergey Puzankov

2 vote(s)

For years now, SS7 security has been in the focus of security researchers and the media. The threat of hackers using SS7 flaws to steal money from bank accounts, by intercepting text messages that contain one-time passwords, has moved from fantasy to fact. The good news is that mobile operators understand the problem and are starting to protect their signaling networks, due to which signaling security is improving. The bad news is that signaling security remains woefully inadequate.

Our recent research demonstrates that there are some "tricks" for bypassing existing security tools, including both SMS Home Routing and SS7 firewalls. SS7 Trojans that implement such techniques will be discussed including:


Sergey was born in 1976. He graduated from Penza State University with a degree in automated data processing and management systems in 1998. Before joining Positive Technologies in 2012, he worked as a quality engineer at VimpelCom. Being a security expert in telecommunication systems at Positive Technologies, he is engaged in the research of signaling network security and in audits for international mobile operators. He is part of the team that revealed vulnerable points in popular two-factor authentication schemes using texts and demonstrated how easy it is to compromise Facebook, WhatsApp, and Telegram accounts.

As an expert in telecom security, he researches signaling network security and participates in audits for international mobile operators.
Sergey is also the general developer of the Telecom Vulnerability Scanner tool and member of the Telecom Attack Discovery development team and co-author of Positive Technologies annual reports on telecom security.