Skip to content

T1449 Exploit SS7 to Redirect Phone Calls/SMS

An adversary could exploit signaling system vulnerabilities to redirect calls or text messages (SMS) to a phone number under the attacker’s control. The adversary could then act as an adversary-in-the-middle to intercept or manipulate the communication. 1 2 3 4 5 Interception of SMS messages could enable adversaries to obtain authentication codes used for multi-factor authentication6.

Item Value
ID T1449
Tactics TA0038
Platforms Android, iOS
Version 1.2
Created 25 October 2017
Last Modified 28 July 2021

Procedure Examples

ID Name Description
S0602 Circles Circles can intercept voice calls and SMS messages.7


ID Mitigation Description
M1009 Encrypt Network Traffic Use of end-to-end encryption of voice calls and text messages “provides another layer in the defense against potential information compromise by SS7 enabled eavesdropping.”5
M1014 Interconnection Filtering -


Back to top