07-29-2020, 03:55 PM
(This post was last modified: 07-30-2020, 01:07 AM by RTP.
Edit Reason: clearing it up a bit
)
(07-29-2020, 01:54 PM)Athansor Wrote: I don't know if this is occurring on the UBports end of things or the carrier end, but this is a somewhat concerning security bug.
I can send but do not receive SMS messages, I'm on dev channel, up to date as of today. I've filed a bug on that elsewhere. A couple of times a day I message my wife to see if she gets mine and to see if I get her reply. I never do. Today, I messaged her and she replied to the received message. I did not receive her reply, though her iPhone noted that the message had been received. She then got a message saying "Who is this?" to which she responded "It's your wife," and then a reply back saying "Huh?"
I did not receive any of her messages, nor did I receive any of the replies to those messages from whoever was sending them.
About 20 minutes after that, I DID receive a text message. It was an automated message from Venmo (or purporting to be so), with a 2-factor authorization code. That is the only text message I have received in several weeks. I have never had a venmo account.
My wife is using an iPhone, recent version, never has had any difficulties with SMS.
Can somebody explain to me what is going on, and how to fix it? I mean, like ASAP? I have no idea how much of my data is being compromised.
I am, to put it mildly, a little bit freaked.
That is concerning.
Here is suggestion: disable 2g. may be unrelated but 2g imsi catchers (stingrays that can act as man in middle) are the most common/accessible to teenagers. Something everyone might want to do to prevent 2g imsi attacks.
The venmo 2fa sms reminds me of what I have read on sim jacking
Read more about it here: https://thehackernews.com/2019/09/simjac...cking.html
I'm not sure if it depends on mms or if it can be done via simple sms, but apparently it is used for surveillance/hackers, many times specifically targeting users for one reason or another. And as the article states just about *all phones* are vulnerable because it is the sim card itself that has the vulnerability- Not Pinephone (sim card has its own java browser!).
One thing sim jacker may do is try to access bank accounts/other financial services. sms 2fa becomes a problem when the jacker gets ahold of accounts using their cell phone sms as security (other forms of 2fa are suggested until sim cards are replaced).
I hope it is just some type of "crossing lines bug" w/carrier, but I would take a look at your bank account- if it is an attacker they may use various "lost my password send a txt" feature *if* it is some kind of attack.
You may want to temp take your cell phone number off bank account/other important phone number linked accounts for the time being if worried.
Thanks for making us aware. Btw did you see any other strange activity? Were there any strange links in the Venmo msg?
Edit: Hopefully it is just a carrier problem. I have seen people get fake texts trying to get them to click on malware links randomly in txts.
- RTP
"In the beginner's mind there are many possibilities, in the expert's mind there are few." -Shunryu Suzuki
[ Pinephone Original | Pinetab v1 / v2 Enjoyer ]
Linux Device Privacy / Security Playlist
"In the beginner's mind there are many possibilities, in the expert's mind there are few." -Shunryu Suzuki
[ Pinephone Original | Pinetab v1 / v2 Enjoyer ]
Linux Device Privacy / Security Playlist