The nation’s three major telecoms yesterday announced measures that allow customers to cancel their voicemail themselves following reports that the service contains a loophole that hackers could exploit to hijack Line accounts.
Line is Taiwan’s largest text messaging app, with approximately 22 million active users.
On Tuesday evening, some Line users — mostly customers of Taiwan Mobile — reported that they were being logged off for no reason and were told that their accounts did not exist when they tried to log in again.
Photo: Reuters
While the telecoms were still trying to ascertain the reasons for the abnormality, a user on Threads pointed to a security loophole in the voicemail service.
Hackers have been activating Line’s request for verification codes by typing victims’ mobile phone numbers to sign into the app, the user said, adding that deleting text messages containing verification codes would not impede efforts to hack into the accounts.
Hackers then requested verification codes via voice, prompting the app to call the victims. If the victim misses the call, a voice message containing the verification code would then go to the voicemail box.
Hackers get hold of the verification codes by listening to messages in the voicemail box, which they accessed through a remote voice mail portal by typing the victims’ mobile phone numbers and passwords — usually 0000 or 1234 by default, as many people never change passwords to voicemail boxes.
After obtaining the verification codes, hackers can sign in and seize control of other people’s Line accounts.
Some Taiwan Mobile users, previously customers of Taiwan Star, continued to use the default voicemail passwords after the merger of the two firms in 2023.
Customer service lines across all three telecoms were overwhelmed yesterday, as anxious customers called to cancel their voicemail.
Chunghwa Telecom said it had not received any customer reports of account breaches, but in response to customer inquiries about disabling voicemail, it has provided interactive voice response guidance via its 123 customer service hotline.
Customers can follow the instructions to disable voicemail by entering “##002#” on their phone and pressing the call button.
Far EasTone Telecommunications also said it had not received reports of any messaging app accounts being compromised.
Nonetheless, it has added a “disable voicemail” button on the “Telecom Services” homepage of its “FET Life” app, allowing customers to complete the process quickly.
Taiwan Mobile said its users are required to set a personal password when using remote voicemail access for the first time. All users must complete personalized password setup before activating the remote access feature.
As to some former Taiwan Star users who are still using default settings, Taiwan Mobile said that it has fully removed the default password mechanism to ensure security controls are aligned with current standards.
Taiwan Mobile also reminded former Taiwan Star users to complete their personalized password setup by dialing 123 on their mobile phone, using the Taiwan Mobile app or contacting customer service. They can also disable voicemail through the app.
Actor Darren Wang (王大陸) was sentenced to six months in prison, commutable to a fine, by the New Taipei District Court today for contravening the Personal Data Protection Act (個人資料保護法) in a case linked to an alleged draft-dodging scheme. Wang allegedly paid NT$3.6 million (US$114,380) to an illegal group to help him evade mandatory military service through falsified medical documents, prosecutors said. He transferred the funds to Chen Chih-ming (陳志明), the alleged mastermind of a draft-evasion ring, although he lost contact with him as he was already in detention on fraud charges, they said. Chen is accused of helping a
SECURITY: Starlink owner Elon Musk has taken pro-Beijing positions, and allowing pro-China companies to control Taiwan’s critical infrastructure is risky, a legislator said Starlink was reluctant to offer services in Taiwan because of the nation’s extremely high penetration rates in 4G and 5G services, the Ministry of Digital Affairs said yesterday. The ministry made the comments at a meeting of the legislature’s Transportation Committee, which reviewed amendments to Article 36 of the Telecommunications Management Act (電信管理法). Article 36 bans foreigners from holding more than 49 percent of shares in public telecommunications networks, while shares foreigners directly and indirectly hold are also capped at 60 percent of the total, unless specified otherwise by law. The amendments, sponsored by Chinese Nationalist Party (KMT) Legislator Ko
‘SAME OLD TRICK’: Even if Beijing resumes individual travel to Taiwan, it would only benefit Chinese tourism companies, the Economic Democracy Union convener said China’s 10 new “incentives” are “sugar-coated poison,” an official said yesterday, adding that Taiwanese businesses see them clearly for what they are, but that Beijing would inevitably find some local collaborators to try to drums up support. The official, speaking on condition of anonymity, made the remark ahead of a news conference the General Chamber of Commerce is to hold today. The event, titled “Industry Perspectives on China’s Recent Pro-Taiwan Policies,” is expected to include representatives from industry associations — such as those in travel, hotels, food and agriculture — to request the government cooperate with China’s new measures, people familiar with
The eastern extension of the Taipei MRT Red Line could begin operations as early as late June, the Taipei Department of Rapid Transit Systems said yesterday. Taipei Rapid Transit Corp said it is considering offering one month of free rides on the new section to mark its opening. Construction progress on the 1.4km extension, which is to run from the current terminal Xiangshan Station to a new eastern terminal, Guangci/Fengtian Temple Station, was 90.6 percent complete by the end of last month, the department said in a report to the Taipei City Council's Transportation Committee. While construction began in October 2016 with an
RSS