Rising mobile cybercrime is driving mobile users to communicate via secure messaging services such as WhatsApp and Telegram, which claim to offer end-to-end encryption. This trend is starting to spread to BYOD programs that serve a broad range of employees, all of whom control their own devices and apps. Commercial chat services and many other mobile applications use SMS authentication as their security verification mechanism. However, any SMS-based authentication flow, including two-phase authentication, is extremely vulnerable, and users are either unaware of this or tend to disregard it. SMS is hackable via SS7 signaling security gaps, IMSI catchers, and cellular operator manipulations. The SS7 signaling mechanism enables hackers to extract the identity of messaging service users and impersonate them virtually.

Hacking SMS enables hackers to impersonate legitimate users and reply to WhatsApp and Telegram chats on their behalf.

Furthermore, hackers using an IMSI catcher can attack the SMS-driven authentication flow, redirecting and manipulating it to penetrate the mobile device. SS7 exploitation requires only simple equipment (though the setup needed to gain access to SS7 is complex), and IMSI catchers are less scarce and less expensive than ever.

In contrast, the IntactPhone uses a proprietary enrollment flow for its secure communications services. The system administrator enrolls users in the Intact Command Center, which allows them to exchange secure communications via a self-contained phonebook. The enrollment flow eliminates the ability to extract the security verification element and impersonate another user. This is just another proof of how the IntactPhone stands up to today’s threat landscape.

Watch here a nice illustration of how hackers hijack WhatsApp and Telegram accounts using a known telecom flaw.

By Noam Potter
