Hackers accessing PayPal via voicemail? Security expert says it's possible

Voicemail systems have had some of the same weaknesses for decades, and hackers could use those to break into PayPal and WhatsApp accounts

With just a simple script and a $40 virtual phone number, a hacker could automatically break into voicemail accounts at scale, and parlay that access into control over online accounts including WhatsApp or PayPal, or even track someone’s every move.

Martin Vigo, a Spanish hacker who works in mobile security, presented new research at the Def Con hacking conference in Las Vegas, demonstrating how easy it could be for a motivated attacker to break into phone voicemails, and how much more damaging that security breach could be than simply letting an attacker listen to messages.

Voicemails are still poorly secured, Vigo said, with many of the same weaknesses first documented more than 30 years ago largely unchanged in the back-ends of mobile carriers. All four major US carriers, for instance, have easily-guessable default pins protecting the inbox (most use the last few digits of the phone number the account is associated with, while one simply uses the same four digit code for every account).

Even for users who change their passwords, there’s little extra security. Most carriers limit protection to short numeric codes, with the minimum being just four digits; they don’t have any prevention against brute force attacks, letting hackers exhaustively try every possible code; and they even make brute force attacks easier by allowing callers to enter three pins at once, separated with a hash symbol.

https://www.theguardian.com/technology/2018/aug/10/hackers-accessing-paypal-via-voicemail-security-expert-says-its-possible

And hows those voting machines doing................not much............they can still be hacked...........and they can even be owned by a Russian Firm, just my state of Maryland......................we need Paper Ballots.................