Cybersecurity firm says Chinese digital spies hacked telecom data

According to a California-based cybersecurity firm, a digital spy network linked to Chinese interests has hacked part of the global telecommunications network to steal large amounts of cell phone data.

CrowdStrike reported the results of its investigation in a blog post on Tuesday, saying that the hacking group the firm has dubbed “LightBasin,” popularly known as UNC1945, has compromised at least 13 global telecommunications companies since 2019.

“We found overlap between known Chinese hacking groups operating on the same network as LightBasin and using the same obscure Romanized version of Chinese characters,” Adam Meyers, CrowdStrike’s senior vice president of intelligence, told The Washington Times.

Unlike malware that victims have to download unknowingly, the new attacks involve mapping lesser-known communication protocols to extract chunks of information directly from mobile operators’ 2G and 3G networks.

With the information at its disposal, China could potentially track political opponents through the cell phones of American agents and other foreign nationals working with them.

“LightBasin is targeting individuals like hackers, cell phone operator level diplomats, journalists and others. At this level, the enemy can identify where your business is and start looking at who you’re texting and calling,” Mr. Meyers explained.

In particular, hackers use General Packet Radio Service (GPRS) technology, which allows mobile phones to open a browser and communicate with the internet, and public telephone networks to extract data.

“They hide within these lesser-known protocols that some telecom companies may not know to control malicious activity,” Mr. Meyers said.

The firm’s investigation found “clear evidence of a highly sophisticated adversary” abusing these systems and transmitting information to a state-sponsored adversary, apparently through sophisticated targeting mechanisms.

It also found evidence that LightBasin operates both in support of known PANDA (Chinese state-sponsored) adversaries and within Chinese organizations, providing hackers with “reasonable denial” when confronted.

Mr. Meyers said cooperation with the US intelligence community may be necessary for the telecommunications industry to stop the ongoing, persistent and innovative attacks.
