It’s time to stop using SMS for anything.
By now most infosec professionals are aware of various ways SMS text messaging can be hijacked. For example so-called “SIM Swap” attacks, SS7 attacks, Port-out fraud, etc. All of these attacks however do require some level of sophistication, whether it be high level access to SS7, or account information or social engineering to successfully port out the phone number to a new provider or swap the sim on the existing account.
There is however other vulnerabilities that are not particularly well known. For VoIP numbers in particular, which may be assigned to a CLEC or VoIP wholesaler, the SMS may need to be routed to a different carrier than the carrier of record. This is accomplished in two different ways. One is an ALT SPID, which NPAC defines as “The four-digit identifier of a second service provider associated with a telephone number or thousand block. It identifies the wholesale service provider customer to which the PSTN service provider has assigned the number. The second service provider in turn may either assign the number to its retail customer or to another service provider for its use.” ALT SPIDs are vulnerable and susceptible to change and can be used to hijack SMS, but it too does require carrier-level access to make changes directly to NPAC. In particular, and importantly, it requires the current provider’s co-operation for the new carrier’s ALT SPID to be added in NPAC.
Which brings us to an alternative SMS routing provider, NetNumber. NetNumber has a product called NetNumber ID (NNID), it’s a 6 digit…
