Espionage Campaign Steals Massive Amounts Of Data From Cell Network Providers

Security researchers at Cybereason have uncovered a massive espionage campaign involving the theft of call records from hacked cell network providers to conduct targeted surveillance on individuals of interest. The hackers systematically broke into more than 10 cell networks around the world over the past seven years to obtain all data stored in the active directories, including usernames, passwords, billing data, call detail records, credentials, email servers, geo-locations of users and more. According to the researchers, the tools and TTPs used are commonly associated with the Chinese threat actor APT10.

The hackers originally gained access to one of the cell networks by exploiting a vulnerability on a server to gain a foothold on the provider’s internal network. From there, the hackers would continue to exploit each machine they came across by stealing credentials to gain deeper access. The affected cell networks are based in Europe, Africa, the Middle East and Asia. None were thought to be in the U.S., according to the researchers who discovered this campaign.