First reported for-profit SS7 attacks

Security experts agree that malicous attacks are more likely to be perpetrated when a potential financial gain exists for the attackers. This is why our remote SS7 vulnerability assessments and SS7 vulnerability trainings make a point to show operators the gain that attackers can derive from each attack vectors, including the possibility to steal SMS-based tokens (also called TANs) used by banks in certain countries to provide two factor authentication to execute wire transfers.
Sueddeutsche Zeitung has just reported a series of sucessful attacks that took place earlier this year and resulted in multiple fraudulent wire transfers from bank accounts of German consumers.
More on this story, including comments from The Telecom Defense Company’s Principal Consultant Jean Gottschalk, can be found in an article published today by Security Week.