LuxSecure

The SS7 Exploit: How Hackers Intercept Your SMS 2FA Codes

Tim Kerger — Sun, 14 Dec 2025 10:58:24 +0000

Why Your Phone Number is the Weakest Link in Your Security

We tend to trust our phones implicitly. When you log into your bank account and it asks for a text message code, you feel secure. After all, that code goes to your phone, right?

But what if the network itself—the global infrastructure that connects every carrier in the world—could be tricked into sending that code to someone else?

This isn’t sci-fi; it’s a very real, decades-old vulnerability known as the SS7 Exploit. In this post, we’ll break down what SS7 is, how hackers abuse it to intercept One-Time Passwords (OTPs), and most importantly, how you can stop them.

What is SS7? (The Telecom Nervous System)

Signaling System No. 7 (SS7) is a set of telephony protocols developed in 1975. Think of it as the “nervous system” of the global telecommunications network. It handles the heavy lifting that happens in the background when you make a call or send a text:

Routing: Connecting a call from Verizon in New York to Vodafone in London.
Billing: ensuring the right user is charged.
Roaming: This is the key feature. When you travel to another country, SS7 allows your home network to “find” you on a foreign network so you can still receive calls and texts.

The Flaw: A Trust Problem

The fundamental flaw in SS7 is that it was built on implicit trust. In the 1970s, there were only a few state-owned telecom operators. The designers assumed that anyone connected to the SS7 network was a trusted peer.

No Authentication: The protocol generally does not verify the origin of a request. If a command says, “I am a carrier in Germany, and User X is now on my network,” the home network usually believes it without asking for a password or digital signature.
Widening Access: Today, access to the SS7 network isn’t just for big telecoms. It can be leased by smaller carriers, VoIP providers, and third-party hubs—or bought illicitly on the dark web.

Anatomy of the Attack: The “Roaming” Trick

So, how does an attacker use this trusted system to steal your bank login? They don’t need to hack your phone, your SIM card, or the bank’s servers. They hack the route.

Here is the high-level mechanism of an SS7 OTP Interception:

Surveillance (The Setup): The attacker only needs your phone number. They likely already have your banking username/password (from a phishing email or a database leak) but are stuck at the 2FA screen.
The “UpdateLocation” Lie: The attacker uses their access to the SS7 network to send a specific command called UpdateLocation to your mobile carrier.
Network Confusion: This command tells your carrier: “Hey, this phone number is now roaming on my network (the attacker’s fake network). Please route all calls and texts here.”
- Because of the “trust flaw” mentioned earlier, your carrier updates its database. It thinks you have traveled to the attacker’s location.
The Interception: The attacker triggers the “Forgot Password” or login flow on your bank account. The bank generates an OTP and texts it to your number.
Redirect: Your carrier looks at its database, sees you are “roaming” on the attacker’s network, and forwards the SMS containing the code directly to the hacker.
Cash Out: The hacker enters the code, logs in, and you are none the wiser until you check your balance.

Note: During this attack, your actual phone may lose service or simply fail to receive incoming texts, which is often the only warning sign.

Has This Actually Happened?

Yes. While complex to pull off, this is not theoretical.

The O2 / Süddeutsche Zeitung Incident (2017): Hackers drained the bank accounts of victims in Germany by intercepting SS7 SMS codes.
Metro Bank (2019): Motherboard reported that hackers used SS7 attacks to intercept codes and defraud customers in the UK.

It is sophisticated, expensive to execute, and usually targeted at high-value victims—but the capability exists.

How to Protect Yourself

The scary part of SS7 attacks is that you cannot “patch” your phone to fix it. The vulnerability lies in the cellular infrastructure, not your device.

However, you can render the attack useless by removing the target.

1. Stop Using SMS for Two-Factor Authentication (2FA)

If an attacker intercepts your SMS, game over. But if your 2FA code is generated locally on your device, the SS7 network doesn’t matter.

Do this: Go to your security settings (Google, Facebook, Bank, etc.) and disable SMS 2FA.
Enable this: Authenticator Apps (Google Authenticator, Authy, Microsoft Authenticator). These apps generate codes offline that never traverse the cellular network.

2. Use End-to-End Encrypted Messaging

For private conversations, avoid standard SMS. Use apps like Signal or WhatsApp. These apps use data (internet) rather than signaling protocols for the message content. Even if a hacker redirects your data connection, the messages are encrypted and unreadable without your private key.

3. Consider Hardware Keys

For the highest level of security, use a hardware key (like a YubiKey). This requires a physical USB key to be plugged into the device to log in, making remote interception completely impossible.

Summary

The SS7 exploit is a reminder that legacy technology often underpins our modern digital lives. While telecom operators are slowly implementing firewalls and moving to newer standards (like Diameter for 4G/5G, though it has its own issues), the best defense is to take your security into your own hands.

Cybersecurity in Luxembourg: Current Landscape (mid 2025)

Tim Kerger — Wed, 29 Oct 2025 11:21:10 +0000

1. Introduction: Why cybersecurity matters for Luxembourg

The Grand Duchy of Luxembourg occupies a unique position in Europe’s digital economy. With a strong financial sector, data-intensive business profiles, and numerous international institutions, the country’s exposure to cyber-risks is higher than in many peer states. At the same time, Luxembourg has made cybersecurity a strategic pillar of its digital transformation.
As such, understanding the state of cybersecurity in Luxembourg today means looking at (a) the threat landscape, (b) the institutional and ecosystem response, and (c) remaining challenges and opportunities.

2. Threat Landscape: What Luxembourg is facing

High-profile incidents

In July 2025, Luxembourg launched a formal investigation into a cyberattack that caused a nationwide telecommunications outage. The attacker reportedly exploited a vulnerability in a “standardised software component” used by POST Luxembourg, the main telecom operator.
Commentators have described this incident as a “warning shot”, underscoring the dependence of national infrastructure on mobile networks and the potential cascading effects when those networks are disrupted.
More broadly, phishing remains the dominant form of cyber incident in Luxembourg, accounting for around 72 % of cases in one dataset.

Sectoral vulnerabilities

The financial services sector, data centres and critical infrastructure are key targets in Luxembourg’s economy. According to a report by Luxembourg House of Cybersecurity (LHC), hybrid conflict and cyber operations are considered a frontline of defence alongside traditional domains.
Small and medium-sized enterprises (SMEs) face particular challenges: limited staff, resources, and specialist expertise which makes them more vulnerable.

3. Institutional & Ecosystem Response

National coordination & key players

The Luxembourg House of Cybersecurity (LHC) serves as the national hub for cyber-resilience, hosting two key units: CIRCL (Computer Incident Response Center Luxembourg) and NC3 (National Cybersecurity Competence Center).
Luxembourg’s cyber-ecosystem is listed as “front-runner” in Europe: over 300 companies active in cybersecurity, many of them startups established in the past five years.

Awareness, training, and events

National campaigns such as Cybersecurity Week Luxembourg (CSWL) gather industry, government and academia. In 2025, CSWL featured over 20 events and culminated in a Gala & Awards Night recognizing cyber-talent and innovation.
Events focused on education and research communities include CyberDay.lu (Oct 2025), organised by the Restena Foundation, which engaged students and researchers in cyber hygiene, shadow-IT and 5G/education sector issues. ( restena.lu )

Collaboration & international links

Luxembourg is strengthening partnerships beyond its borders. For example, the LHC and the International Committee of the Red Cross (ICRC)’s Global Cyber Hub signed a cooperation agreement covering digital resilience, humanitarian action and open-source technology.
The country also promotes its role as a cyber-innovation hub, working with initiatives across Europe and Israel emphasising automated security services and technology transfer.

4. Strengths & Opportunities

Strong ecosystem & innovation: The growth of local cyber-companies and startups positions Luxembourg well to develop home-grown solutions.
High national commitment: Luxembourg ranks highly in international indices (for example, 13th globally in one ranking) indicating a mature strategic approach.
Resilience training and crisis simulation: Facilities such as ROOM#42, operated by the LHC, provide immersive cyber-crisis simulation training to organisations—lifting preparedness above mere compliance.

5. Challenges & Areas for Improvement

Critical infrastructure dependence: The telecom outage incident illustrates that national systems remain vulnerable where redundancy and contingency planning may lag.
SME resource gap: Smaller firms often lack the budgets or specialised talent to implement robust cybersecurity measures, making them weaker links in the chain.
Transparency & reporting: While many incidents are handled, only a fraction are publicly reported; the low visibility means broader risk awareness may lag.
Evolving threat environment: As technologies like AI, quantum computing and 5G become more prominent, traditional defence models must evolve. Luxembourg’s ecosystem is aware of this but the pace of change is rapid.

6. What this Means for Businesses & Individuals in Luxembourg

For businesses:

Undertake regular cyber-maturity assessments, especially if handling sensitive data or part of critical infrastructure.
Invest not only in technology but in training and crisis simulation (e.g., using platforms like ROOM#42).
Expect regulatory growth: EU frameworks such as NIS 2 Directive (which Luxembourg is subject to) bring stronger obligations on incident-reporting, risk-management and vendor/supply-chain security.
Collaborate with national bodies: Engage with CIRCL/NC3 via the LHC for threat intelligence, incident response and best-practice sharing.

For individuals:

Beware of phishing: as one report shows, over 70 % of cyber-breaches in Luxembourg involve phishing.
Maintain good cyber hygiene: strong passwords, multi-factor authentication (MFA), secure home networks.
Stay informed about state-led awareness campaigns (e.g., CSWL, CyberDay.lu) and take advantage of free training or materials.

7. Outlook: The Next 3–5 Years

Luxembourg is well-positioned to continue strengthening its cybersecurity posture. Key expectations include:

Elevation of public-private collaboration: more formal frameworks for sharing threat-intelligence between the state, telecoms, financial sector and SMEs.
Greater automation and use of AI for threat-detection, particularly among resource-constrained SMEs (a gap identified in 2025).
Strengthening of supply-chain and infrastructure resilience: following high-profile incidents, stronger regulation and investment in redundant and secure telecoms/backbone networks.
Continued emphasis on talent development: national competitions such as the Luxembourg CyberSecurity Challenge (LCSC) feed into European contests and build future capacity.

8. Conclusion

In summary: Luxembourg has made cyber-resilience a national strategic priority. Its institutional architecture, growing ecosystem of cyber firms, and campaign of awareness/training place it among Europe’s more advanced states in this domain. But the threats continue to evolve—and even affluent infrastructure cannot assume immunity. For Luxembourg to stay ahead, the challenge will be maintaining agility, resource-balance (especially for smaller actors), and readiness for disruptive events.

How Hackers Hide Malicious Prompts in Images to Exploit Google Gemini AI

Tim Kerger — Sat, 04 Oct 2025 10:48:59 +0000

Exploit Overview:

1 .An attacker creates an image that looks harmless to people.

2. That image is designed so that when the AI service internally “prepares” or resizes it, readable text or a short instruction becomes visible to the AI.

3. The AI treats that newly visible text as part of the user input and may follow it, this could be to possibly access or send your private data or performing actions on your behalf.

How does this exploit work?

The practical gap between human view and model input:

Modern multimodal systems often accept user images but immediately downscale them to a fixed, lower resolution before feature extraction or OCR. Downscaling is done for efficiency (less compute and memory) and uses interpolation kernels (bicubic, Lanczos, etc.) that compute each target pixel as a weighted average of many source pixels.

That averaging step is the attack surface. By carefully choosing source pixels in a high-resolution image, an attacker can make the averaged, downscaled pixels form legible characters or a short instruction. Humans looking at the full-resolution image see only a normal photo; the model sees the downscaled image, and that’s where the hidden instruction “emerges.” Demonstrations and reporting show this technique works against Gemini’s pipeline and related integrations.

Ghosts in the image: exactly how attackers hide commands inside pictures

Imagine sending a harmless photo into an AI assistant — a vacation snap, a meme, a screenshot — and the assistant quietly follows an instruction that wasn’t visible to you. That’s the real risk researchers recently demonstrated: attackers can craft images that look normal to humans but contain hidden, machine-readable instructions that appear only after the service prepares the image for the AI. When the AI reads that secret instruction, it can do things like leak calendar entries, send messages, or trigger other automated actions.

Below is a clear, non-math explanation of how the attack works, why it’s dangerous, real examples researchers showed, and straightforward steps you or your team can take right away.

What the attack actually is — quick summary

An attacker creates an image that looks harmless to people.
That image is designed so that when the AI service internally “prepares” or resizes it, readable text or a short instruction becomes visible to the AI.
The AI treats that newly visible text as part of the user input and may follow it — possibly accessing or sending your private data or performing actions on your behalf.

Step-by-step: how an attacker builds and delivers the payload (plain words)

Decide the goal. The attacker chooses what they want the AI to do — e.g., “email my calendar events to attacker@example.com,” “call this phone number,” or “show account tokens.”
Create the hidden instruction. They render that short instruction as simple text in a tiny, low-resolution image (think: bold black text on white).
Blend it into a normal picture. Using a tool, they “hide” that tiny text inside a high-resolution cover image (a photo, meme, or screenshot) so humans see only the cover image. At normal viewing, the picture looks fine.
Send or upload the image to the target. The attacker posts the image where AI systems will see it — in chat, an email attachment, a shared doc, or a web form that feeds a multimodal assistant.
The AI reads the hidden prompt and acts. The service’s internal image processing makes the hidden instruction legible to the AI. If the AI is allowed to perform actions (or has integrations enabled), it may execute that instruction without a clear human confirmation. Researchers have demonstrated this in real demos.

Two concrete examples researchers showed (what actually happened)

Stealing calendar info: A crafted image caused an assistant integration to list and send a user’s calendar events to an attacker-controlled email. This wasn’t a hypothetical — demos showed it working against production-style setups.
Social-engineering flows: In another demo, an image triggered the assistant to craft a fake alert or phone prompt designed to trick users into calling or revealing sensitive info — essentially turning the assistant into a social-engineering tool.

These examples matter because many AI assistants connect to real tools (email, calendars, automations). If the assistant blindly follows instructions embedded in an image, the consequences become real-world, not just theoretical.

Why this is surprisingly effective (in simple terms)

The AI and the human see different things. The human sees the full photo; the AI often sees a version the system prepares for speed or compatibility — and that prepared version can reveal the hidden instruction.
Automation and trust make it worse. Some integrations are configured to allow automated actions (for convenience), so when the AI “reads” a command it can act without asking the user for permission. That’s how a hidden image turns into a real data leak or an action.

How realistic is the threat?

Very realistic. Multiple security labs and researchers published demos and tools showing the technique on popular platforms and assistants. Coverage in security outlets confirmed the attacks work against production-style interfaces and emphasized the practical risks.

What to do about it — what normal tech people and teams should do now

If you’re an individual user

Don’t upload or forward images from unknown sources into assistants that can access your accounts or do things for you. Treat them like suspicious attachments.
If an assistant suggests a sensitive action (emailing data, calling someone, changing settings), pause and verify manually before you approve. Ask: “Did I ask it to do that?”

If you run or build an AI-enabled product (practical defaults)

Require confirmation for sensitive actions. Don’t let the assistant perform or expose private data without clear, explicit user approval. Make manual approval the default.
Show users what the AI actually read. Before taking an action, display the exact thing the model consumed (for example, show the processed/preview image or the text the model extracted) and let the user cancel.
Turn off permissive automation. Default settings like “auto-trust” or “do actions automatically” should be disabled; require opt-in.
Add monitoring and red-teaming. Log image-triggered actions and test your system with malicious images to see how it behaves. Use known tools/research to simulate attacks.

Sources:

https://blog.trailofbits.com/2025/08/21/weaponizing-image-scaling-against-production-ai-systems/
https://labs.withsecure.com/publications/gemini-prompt-injection
https://www.wired.com/story/google-gemini-calendar-invite-hijack-smart-home/
https://thehackernews.com/2025/09/researchers-disclose-google-gemini-ai.html
https://www.securityweek.com/ai-systems-vulnerable-to-prompt-injection-via-image-scaling-attack/
https://www.bankinfosecurity.com/ai-models-resize-photos-open-door-to-hacking-a-29276
https://www.darkreading.com/remote-workforce/google-gemini-ai-bug-invisible-malicious-prompts
https://www.paubox.com/blog/new-ai-attack-uses-hidden-prompts-in-images-to-steal-user-data
https://github.com/trailofbits/anamorpher
https://pub.towardsai.net/how-hackers-hide-malicious-prompts-in-images-to-exploit-google-gemini-ai-62d4fd4a8417
https://www.business-reporter.com/technology/google-gemini-a-virtual-ai-assistant-with-an-evil-twin-1