The app has an unintended consequence. Sakari enables hackers to access one-time passwords (OTP) or login links sent via text message. In most cases, companies providing the service fail to notice the number that’s being redirected. No one has to request permission to send your texts to someone else.
Using these services, attackers intercept incoming text messages and reply to them. It is a hidden attack that redirects text messages from a victim to a hacker.
With any SMS attack, the big issue is the security of your other accounts. A hacker need only request a password reset link or code sent to your phone number. They redirect links, so they get the code. This enables them to access your account. Text messages can also send login links. The Motherboard report says that Postmates, WhatsApp, and Bumble all send login links via text.
In SIM jacking, the hacking victim loses cell service when the hack starts. But with the redirection method, you can still talk and text. There is no warning that your service is under attack.
