Hackers steal call records from cell providers in ‘massive-scale’ espionage
Get link
Facebook
X
Pinterest
Email
Other Apps
-
The attackers are believed to be state-backed. Illustration by Alex Castro / The Verge
Hackers have stolen call records from over 10 cell providers worldwide as part of a “massive-scale” espionage attempt against at least 20 individuals, TechCrunch reports. The attack has been dubbed “Operation Softcell” by Cybereason, the security research firm that discovered it. It’s sophisticated enough that the firm believes there’s a “very high probability” it’s state-backed.
The target of the attacks are “call detail records,” which contain detailed metadata on every call made from an individual’s phone, including times, dates, and the cell-based location of the device. The content of calls are not held in these records, but the metadata alone is hugely valuable. If a carrier doesn’t realize that its network has been infiltrated, then the hackers could have access to this data in real time, and individuals would have no way of knowing that their data has been compromised.
Although the attackers have penetrated deeply enough into each service provider that “they could shut down the network tomorrow,” Cybereason’s head of security research, Amit Serper told CNET, their focus seems to be espionage, rather than disruption. The hackers appear to be targeting high profile government and military targets, whose movements and communications will be significantly compromised by the hack.
The attacks were first discovered a year ago, but go back by as many as seven years. The researchers say the attacks are ongoing, and that the hacker’s servers are still operational.
At least 10 unnamed cell networks across Europe, Asia, Africa, and the Middle East have been hit by the hack, which is not thought to have affected any North American providers. Cybereason says the hackers initially gained access to the networks by finding an exposed server or by using an old vulnerability, before penetrating through the network until they came to the caller data records database. The hackers created privileged accounts in order to easily regain access later, and in one case even set up a VPN connection to easily tunnel back into the network.
The sophistication of the attacks means that Cybereason believes the group is nation-state backed, and the techniques used match those of APT10, a notorious Chinese hacking group which was charged with stealing data from NASA, IBM, and other US tech companies last year. However, since this group’s tools and methods are now publicly available, the researchers say there’s no definitive proof that the group is behind the attack.
Although no US providers are thought to have been affected by the hack, the discovery of what appears to be a Chinese state-backed hacking attempt is likely to escalate tensions between the US and China. The Trump administration is concerned that China is willing and able to conduct cyber warfare against its enemies, and cited cybersecurity concerns when it placed Huawei on the entities list, over fears that the company could use its network equipment to sneak malware into US networks.
Source: Jon Porter|@JonPorty (The Verge). ~Best Feeds ™...
Giertz got tired of waiting for Elon Musk to release Tesla’s first pickup truck, so she made one herself. Simone Giertz was tired of waiting for Elon Musk to unveil his new Tesla pickup truck, so she decided to make one herself. The popular YouTuber and self-described “queen of shitty robots” transformed a Model 3 into an honest-to-god pickup truck, which she dubs “Truckla” — and naturally you can watch all the cutting and welding (and cursing) on her YouTube channel. There’s even a fake truck commercial to go along with it. Giertz spent over a year planning and designing before launching into the arduous task of turning her Model 3 into a pickup truck. And she recruited a ragtag team of mechanics and DIY car modifiers to tackle the project: Marcos Ramirez, a Bay Area maker, mechanic and artist; Boston-based Richard Benoit, whose YouTube channel Rich Rebuilds is largely dedicated to the modification of pre-owned Tesla models; and German des...
Chelsea will face Arsenal in the Europa League final on May 29 after knocking out Eintracht Frankfurt on penalties. Chelsea beat Eintracht Frankfurt on penalties on Thursday to set up an all-English Europa League final with local rivals Arsenal in Baku on May 29. Arsenal beat La Liga side Valencia 7-3 on aggregate, while in the other semi-final Chelsea and Eintracht Frankfurt finished 2-2 on aggregate after extra time. Chelsea won 4-3 on penalties to finally overcome their Bundesliga challengers. The result means both of Europe's club competitions will feature all-English finals after Tottenham Hotspur set up a June 1 title decider with Liverpool in the Champions League. Chelsea won the penalty shoot-out 4-3 and with it a place in the final against Arsenal. Kepa Arrizabalaga saved from Martin Hinteregger and Goncalo Paciencia before Hazard converted the decisive kick. Scores, Results & Fixtures THURSDAY 9TH MAY 2019 Chelsea 1 Frankfurt 1 ( Agg 2-2 ...
Lyft claims it has an exclusive license to operate both dockless and docked bikeshares in the city. Photo by Justin Sullivan / Getty Images Lyft filed a lawsuit against San Francisco today claiming city authorities are violating a contract it has with the ride-hailing company that gives Lyft exclusive rights to operate bike-share programs in the area. San Francisco’s Municipal Transportation Agency, on the other hand, says it has the authority to sign partnerships with dockless (also called stationless) vendors, and that Lyft’s contract gives it exclusivity only on docked bike shares. Lyft is seeking a temporary restraining order to prevent the city from issuing bikeshare permits to new vendors. As of today, Lyft owns the company Motivate, which operates the Ford GoBike bikeshare program in San Francisco, a docked program that until very recently offered both electric and non-electric bikes, among many others around the country. (Lyft pulled the e-bikes off city streets in A...
Comments
Post a Comment