Hacking and Telecommunications - Cyber Security Informer

Nation-State Attacker of Telecommunications Networks

Schneier on Security

OCTOBER 22, 2021

Someone has been hacking telecommunications networks around the world: LightBasin (aka UNC1945) is an activity cluster that has been consistently targeting the telecommunications sector at a global scale since at least 2016, leveraging custom tools and an in-depth knowledge of telecommunications network architectures.

Telecommunications

Telecommunications Architecture Mobile Hacking

Syniverse Hack

Schneier on Security

OCTOBER 6, 2021

No details about the hack. I’ve never heard of the company. It could be nothing. It could be a national intelligence service looking for information.

Hacking

Hacking Telecommunications Mobile Data breaches

Video: Salt Typhoon Hacks Major Telecom Giants Using Malware

eSecurity Planet

DECEMBER 4, 2024

In this video, we delve into the world of cybercrime with our feature on the Salt Typhoon incident, where hackers successfully breached major telecommunications companies. The post Video: Salt Typhoon Hacks Major Telecom Giants Using Malware appeared first on eSecurity Planet.

Hacking

Hacking Malware Telecommunications Cybercrime

Hacked by Police

Schneier on Security

JULY 3, 2020

French police hacked EncroChat secure phones, which are widely used by criminals: Encrochat's phones are essentially modified Android devices, with some models using the "BQ Aquaris X2," an Android handset released in 2018 by a Spanish electronics company, according to the leaked documents. Lots of details about the hack in the article.

Hacking

Hacking Telecommunications Encryption Firewall

RansomHub gang claims the hack of the telecommunications giant Frontier Communications

Security Affairs

JUNE 4, 2024

The RansomHub ransomware group added the American telecommunications company Frontier Comunications to the list of victims on its Tor leak site. The RansomHub ransomware group claimed to have stolen the information of over 2 million customers from the American telecommunications company Frontier Communications.

Telecommunications

Telecommunications Hacking Data breaches Cybercrime

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. Do NOT conduct CFPB work using mobile voice calls or text messages,” reads the email sent to the employees referencing a recent government statement acknowledging the telecommunications infrastructure attack.

Hacking

Hacking Internet Internet Government

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

is a French telecommunications company, subsidiary of Iliad S.A. that provides voice, video, data, and Internet telecommunications to consumers in France. Recently, many cybercriminals have been creating profiles shortly before sharing information about hacks, attacks, or data leaks in France.” Free S.A.S.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

Ukrainian telecommunications operators hit by DarkCrystal RAT malware

Security Affairs

JUNE 27, 2022

The Ukrainian CERT-UA warns of attacks against Ukrainian telecommunications operators involving the DarkCrystal RAT. The Governmental Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a malware campaign targeting Ukrainian telecommunications operators with the DarkCrystal RAT. SecurityAffairs – hacking, RAT).

Telecommunications

Telecommunications Malware Media Passwords

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Krebs on Security

MARCH 5, 2021

In each incident, the intruders have left behind a “web shell,” an easy-to-use, password-protected hacking tool that can be accessed over the Internet from any browser. organizations, including banks, credit unions, non-profits, telecommunications providers, public utilities and police, fire and rescue units.

Hacking

Hacking Software Government Internet

European Telecommunications Standards Institute (ETSI) suffered a data breach

Security Affairs

OCTOBER 2, 2023

The European Telecommunications Standards Institute (ETSI) disclosed a data breach, threat actors had access to a database of its users. Threat actors stole a database containing the list of users of the portal of the European Telecommunications Standards Institute ( ETSI ).

Telecommunications

Telecommunications Data breaches Technology Passwords

Cell Networks Hacked by (Probable) Nation-State Attackers

Schneier on Security

JULY 9, 2019

Original report : Based on the data available to us, Operation Soft Cell has been active since at least 2012, though some evidence suggests even earlier activity by the threat actor against telecommunications providers. The attack was aiming to obtain CDR records of a large telecommunications provider.

Hacking

Hacking Telecommunications Malware Passwords

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. According to public sources, the threat actors targeted ICS of at least 11 Ukrainian telecommunications providers leading to the disruption of their services. ” reads the advisory.

Telecommunications

Telecommunications Authentication Data collection Passwords

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. The Chinese APT focuses on government entities and telecommunications companies in Southeast Asia.

Mobile

Mobile Telecommunications Data breaches Hacking

Technical Report of the Bezos Phone Hack

Schneier on Security

JANUARY 24, 2020

Motherboard obtained and published the technical report on the hack of Jeff Bezos's phone, which is being attributed to Saudi Arabia, specifically to Crown Prince Mohammed bin Salman.investigators set up a secure lab to examine the phone and its artifacts and spent two days poring over the device but were unable to find any malware on it.

Hacking

Hacking Backups Spyware Encryption

Black Basta ransomware gang hit BT Group

Security Affairs

DECEMBER 4, 2024

British multinational telecommunications holding company BT Group (formerly British Telecom) announced it has shut down some of its servers following a Black Basta ransomware attack. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware)

Ransomware

Ransomware Telecommunications Healthcare Insurance

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

. “The US government’s continued investigation into the People’s Republic of China (PRC) targeting of commercial telecommunications infrastructure has revealed a broad and significant cyber espionage campaign.” ” reads the joint statement issued by CISA and FBI. law enforcement requests pursuant to court orders.

Government

Government Telecommunications Surveillance Risk

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Security Affairs

JANUARY 18, 2025

telecommunication and internet service providers. The US Treasurys OFAC also sanctionedYin Kecheng, a Shanghai-based cyber actor who was involved with the recent hack of the Department of the Treasury’s network. for its involvement in the activities of the Salt Typhoon APT group, which recently compromised multiple U.S.

Cybersecurity

Cybersecurity Telecommunications Government Healthcare

Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries

The Hacker News

NOVEMBER 26, 2024

The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications companies.

Hacking

Hacking Telecommunications Malware

China-linked hackers target telecommunication providers in the Middle East

Security Affairs

MARCH 24, 2023

Researchers reported that China-linked hackers targeted telecommunication providers in the Middle East in the first quarter of 2023. In the first quarter of 2023, SentinelLabs researchers spotted the initial phases of attacks against telecommunication providers in the Middle East. ” reads the report published by SentinelLabs.

Telecommunications

Telecommunications Malware Mobile Internet

Russia warns financial sector organizations of IT service provider LANIT compromise

Security Affairs

FEBRUARY 25, 2025

The group serves various sectors, including finance, government, healthcare, and telecommunications. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, NKTsKI ) designated military-industrial base entities such as Rostec and United Aircraft Corporation.”

Telecommunications

Telecommunications Software Technology Healthcare

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

. “The US government’s continued investigation into the People’s Republic of China (PRC) targeting of commercial telecommunications infrastructure has revealed a broad and significant cyber espionage campaign.” ” reads the joint statement issued by CISA and FBI. law enforcement requests pursuant to court orders.

Government

Government Telecommunications Surveillance Risk

TalkTalk confirms data breach involving a third-party platform

Security Affairs

JANUARY 27, 2025

UK telecommunications firm TalkTalk disclosed a data breach after a threat actor announced the hack on a cybercrime forum. UK telecommunications company TalkTalk confirmed a data breach after a threat actor claimed responsibility for the cyber attack on a cybercrime forum and offered for sale alleged customer data.

Data breaches

Data breaches Telecommunications Cybercrime Hacking

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Ukraine) The malspam messages had the topic Free primary legal aid use a password-protected attachment Algorithm of actions of members of the family of a missing serviceman LegalAid.rar.

Computers and Electronics

Computers and Electronics Telecommunications Malware Surveillance

FBI Shuts Down Chinese Botnet

Schneier on Security

SEPTEMBER 19, 2024

Those devices were used to help infiltrate sensitive networks related to universities, government agencies, telecommunications providers, and media organizations… The botnet was launched in mid-2021, according to the FBI, and infected roughly 260,000 devices as of June 2024.

Telecommunications

Telecommunications Media Malware Internet

T-Mobile detected network intrusion attempts and blocked them

Security Affairs

NOVEMBER 28, 2024

“Like the entire telecommunications industry, T-Mobile has been closely monitoring ongoing reports about a series of highly coordinated cyberattacks by bad actors known as “Salt Typhoon” that are reported to be linked to Chinese state-sponsored operations. ” reads the report published by the telecommunications company.

Mobile

Mobile Telecommunications Government Internet

Deep Panda Hacking Group Is Targeting VMware Horizon Servers

Heimadal Security

APRIL 1, 2022

In addition to the government, military, banking, and telecommunications sectors, Deep Panda is a suspected Chinese threat organization that has been known to target a wide range of businesses. The post Deep Panda Hacking Group Is Targeting VMware Horizon Servers appeared first on Heimdal Security Blog.

Hacking

Hacking Telecommunications Healthcare Banking

Illegal Data Center Hidden in Former NATO Bunker

Schneier on Security

OCTOBER 9, 2019

Investigators say the platforms it hosted included "Cannabis Road," a drug-dealing portal; the "Wall Street Market," which was one of the world's largest online criminal marketplaces for drugs, hacking tools and financial-theft wares until it was taken down earlier this year; and sites such as "Orange Chemicals" that dealt in synthetic drugs.

Telecommunications

Telecommunications Marketing Hacking

Americans urged to use encrypted messaging after large, ongoing cyberattack

Malwarebytes

DECEMBER 5, 2024

Speaking to Reuters , a senior US official said the attack telecommunications infrastructure was broad and that the hacking was still ongoing. The state-sponsored actor behind the attack is an Advanced Persistent Threat (APT) group known as Salt Typhoon, believed to be tied to the People’s Republic of China (PRC).

Encryption

Encryption Identity Theft Media Telecommunications

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Security Affairs

JANUARY 18, 2025

telecommunication and internet service providers. The US Treasurys OFAC also sanctionedYin Kecheng, a Shanghai-based cyber actor who was involved with the recent hack of the Department of the Treasury’s network. for its involvement in the activities of the Salt Typhoon APT group, which recently compromised multiple U.S.

Cybersecurity

Cybersecurity Telecommunications Government Healthcare

SFO discloses data breach following the hack of 2 of its websites

Security Affairs

APRIL 11, 2020

San Francisco International Airport (SFO) disclosed a data breach, its websites SFOConnect.com and SFOConstruction.com were hacked last month. SecurityAffairs – hacking, data breach). The post SFO discloses data breach following the hack of 2 of its websites appeared first on Security Affairs. Pierluigi Paganini.

Data breaches

Data breaches Hacking Telecommunications Advertising

China-linked LightBasin group accessed calling records from telcos worldwide

Security Affairs

OCTOBER 20, 2021

China-linked cyberespionage group LightBasin hacked mobile telephone networks around the world and used specialized tools to access calling records. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019. ” reads the report published by Crowdstrike.

Telecommunications

Telecommunications Mobile Hacking Architecture

US Cyber Command and Microsoft Are Both Disrupting TrickBot

Schneier on Security

OCTOBER 15, 2020

The crooks running the Trickbot botnet typically use these config files to pass new instructions to their fleet of infected PCs, such as the Internet address where hacked systems should download new updates to the malware. To execute this action, Microsoft formed an international group of industry and telecommunications providers.

Telecommunications

Telecommunications Internet Internet Malware

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Storm-2372s targets during this time have included government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East.”

Phishing

Phishing Authentication Telecommunications Accountability

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

Iranian hackers recently have been blamed for hacking VPN servers around the world in a bid to plant backdoors in large corporate networks. As the Citrix hack shows, if you don’t know you should probably check, and then act on the results accordingly. 28, 2018, a claim Citrix initially denied but later acknowledged.

VPN

VPN Passwords Software Telecommunications

APT Horoscope

Schneier on Security

JANUARY 8, 2021

Just like Capricorn, Helix Kitten (also known as APT 35 or OilRig) is a skilled navigator of vast online networks, maneuvering deftly across an array of organizations, including those in aerospace, energy, finance, government, hospitality, and telecommunications.

Telecommunications

Telecommunications Phishing Government Hacking

Thai police arrested Chinese hackers involved in SMS blaster attacks

Security Affairs

NOVEMBER 25, 2024

Yang faces charges for illegal telecommunications operations, with investigations ongoing to uncover his network and mastermind Thai police issued warrants for 24 suspects, including 9 foreigners and 15 Thais. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, SMS blaster)

Mobile

Mobile Scams Technology Telecommunications

Chinese State-backed Actors Hack Telecom Firms to Steal Data

Heimadal Security

JUNE 8, 2022

An advisory recently published by multiple US federal agencies shows that Chinese state-backed cybercriminals have attacked and impacted important telecommunications organizations and network service providers in order to snatch credentials and collect sensitive data.

Hacking

Hacking Telecommunications Cybersecurity

T-Mobile denies it was hacked, links leaked data to vendor breach

Bleeping Computer

JUNE 19, 2024

T-Mobile has denied it was breached or that source code was stolen after a threat actor claimed to be selling stolen data from the telecommunications company. [.]

Mobile

Mobile Telecommunications Hacking

Iranian hackers target energy sector with new DNS backdoor

Bleeping Computer

JUNE 10, 2022

The Iranian Lycaeum APT hacking group uses a new.NET-based DNS backdoor to conduct attacks on companies in the energy and telecommunication sectors. [.].

DNS

DNS Telecommunications Hacking

6 out of 11 EU agencies running Solarwinds Orion software were hacked

Security Affairs

APRIL 16, 2021

European Commissioner for Budget and Administration Johannes Hahn confirmed the hack of some EU agencies as result of the SolarWinds supply chain attack in a response to a question filed by an EU Parliament member in February 2021. The hack allowed the threat actors to spy on the internal email traffic. Pierluigi Paganini.

Hacking

Hacking Software Telecommunications Cyber Attacks

LightBasin hacking group breaches 13 global telecoms in two years

Bleeping Computer

OCTOBER 19, 2021

A group of hackers that security researchers call LightBasin has been compromising mobile telecommunication systems across the world for the past five years. [.].

Telecommunications

Telecommunications Hacking Mobile

China-Linked Cyber Threat Group Hacks US Treasury Department

Tech Republic Security

JANUARY 2, 2025

Threat actors entered Treasury Department systems through BeyondTrust. The breach may be related to the Salt Typhoon attacks reported throughout the year.

Cyber threats

Cyber threats Hacking Telecommunications Software

Former telecom manager admits to doing SIM swaps for $1,000

Bleeping Computer

MARCH 15, 2024

A former manager at a telecommunications company in New Jersey pleaded guilty to conspiracy charges for accepting money to perform unauthorized SIM swaps that enabled an accomplice to hack customer accounts. [.]

Telecommunications

Telecommunications Accountability Hacking

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

FEBRUARY 13, 2025

On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware. “ Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Russia)

Telecommunications

Telecommunications DNS Passwords Hacking

Nation-State Attacker of Telecommunications Networks

Syniverse Hack

Trending Sources

Video: Salt Typhoon Hacks Major Telecom Giants Using Malware

Hacked by Police

RansomHub gang claims the hack of the telecommunications giant Frontier Communications

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

France’s second-largest telecoms provider Free suffered a cyber attack

Ukrainian telecommunications operators hit by DarkCrystal RAT malware

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

European Telecommunications Standards Institute (ETSI) suffered a data breach

Cell Networks Hacked by (Probable) Nation-State Attackers

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Technical Report of the Bezos Phone Hack

Black Basta ransomware gang hit BT Group

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries

China-linked hackers target telecommunication providers in the Middle East

Russia warns financial sector organizations of IT service provider LANIT compromise

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

TalkTalk confirms data breach involving a third-party platform

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

FBI Shuts Down Chinese Botnet

T-Mobile detected network intrusion attempts and blocked them

Deep Panda Hacking Group Is Targeting VMware Horizon Servers

Illegal Data Center Hidden in Former NATO Bunker

Americans urged to use encrypted messaging after large, ongoing cyberattack

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

SFO discloses data breach following the hack of 2 of its websites

China-linked LightBasin group accessed calling records from telcos worldwide

US Cyber Command and Microsoft Are Both Disrupting TrickBot

Storm-2372 used the device code phishing technique since August 2024

Hackers Were Inside Citrix for Five Months

APT Horoscope

Thai police arrested Chinese hackers involved in SMS blaster attacks

Chinese State-backed Actors Hack Telecom Firms to Steal Data

T-Mobile denies it was hacked, links leaked data to vendor breach

Iranian hackers target energy sector with new DNS backdoor

6 out of 11 EU agencies running Solarwinds Orion software were hacked

LightBasin hacking group breaches 13 global telecoms in two years

China-Linked Cyber Threat Group Hacks US Treasury Department

Former telecom manager admits to doing SIM swaps for $1,000

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Stay Connected