April 24 news, according to foreign media reports, recently, the US telecommunications giant T-Mobile admitted that it was attacked by the hacker group Lapsus$ in the past few weeks. T-Mobile’s source code was stolen.
Source code is the lifeblood of a company. Once the source code is stolen, the user’s account password, personal information and other sensitive private information of customers in the system, and even the customer’s payment information will be stolen, which will lead to accidents such as the theft of bank cards, and also cause huge damage to the system platform. economic losses. However, T-Mobile said the hacking group Lapsus$ did not steal customer or government information in the attack.
After obtaining the credentials of some T-Mobile employees, Lapsus$ used the company’s internal tools, such as T-Mobile’s customer management system Atlas, to perform a SIM swap attack. The VPN credentials used for the initial access were reportedly obtained from a Russian-language darknet black market.
In essence, a SIM card swap attack is to replace the mobile phone number of the attacked target, and change the mobile phone number stored in the system to the mobile phone and device owned by the attacker. In this way, the attacker can obtain information such as SMS verification codes or phone calls received by the target.
According to reports, the hacking group Lapsus$ also tried to crack the T-Mobile accounts of the FBI and the US Department of Defense in this attack on T-Mobile, but was ultimately unsuccessful, because the accounts of the two agencies required additional verification measures.
T-Mobile is one of the world’s largest telecommunications companies, with more than 100 million subscribers, and is also a commonly used operator by overseas Chinese. T-Mobile has suffered several hacking attacks in recent years. Among them, T-Mobile suffered a relatively serious attack in August 2021. This hacking attack exposed the personal information of more than 47 million T-Mobile customers. T-Mobile compensated customers by giving away 2 years of free identity protection and advised all customers to change their PINs.
Some researchers speculate that the hacker group Lapsus$ is from South America, and most of its members are minors. A few days before the group’s 16-year-old leader was arrested, Lapsus$ said he would take a break. Earlier, Lapsus$ also attacked large companies such as Nvidia, Microsoft, and Samsung. Lapsus$ has gained widespread attention for its high-profile actions in March, and Lapsus$ has voted online on whether to attack T-Mobile. Lapsus$ has also made high-profile announcements of recruiting corporate insiders employed by tech giants and internet service providers, including Microsoft, Apple, IBM and others.
This article is reprinted from: https://www.leiphone.com/category/DataSecurity%20/0WZQ8ftn2y4Ayecp.html
This site is for inclusion only, and the copyright belongs to the original author.