2000, Hacking and Telecommunications - Cyber Security Informer

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

FEBRUARY 13, 2025

Seashell Blizzard (aka Sandworm , BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRUs Main Center for Special Technologies (GTsST). On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications

Telecommunications DNS Hacking Passwords

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. According to public sources, the threat actors targeted ICS of at least 11 Ukrainian telecommunications providers leading to the disruption of their services. ” reads the advisory.

Telecommunications

Telecommunications Authentication Data collection Passwords

The Belgacom hack was the work of the UK GCHQ intelligence agency

Security Affairs

OCTOBER 28, 2018

Belgian newspaper reported that investigators had found proof that the Belgacom hack was the work of the UK GCHQ intelligence agency. Back to September 2013, Belgacom (now Proximus), the largest telecommunications company in Belgium and primarily state-owned, announced its IT infrastructure had suffered a malware-based attack.

Hacking

Hacking Spyware Telecommunications Malware

Google fixed a new Chrome Zero-Day actively exploited in the wild

Security Affairs

AUGUST 17, 2022

Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-06-22 [$2000][ 1345193 ] Medium CVE-2022-2860: Insufficient policy enforcement in Cookies.

Telecommunications

Telecommunications Mobile Engineering Hacking

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Security Affairs

SEPTEMBER 21, 2022

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. ” reads the report published by Recorded Future.

Malware

Malware Telecommunications DNS Hacking

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Security Affairs

NOVEMBER 28, 2022

Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). In September 2022, Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Pierluigi Paganini.

Ransomware

Ransomware Encryption Telecommunications Malware

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Security Affairs

JANUARY 5, 2024

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). In December, Kyivstar , the largest Ukraine service provider went down after a major cyber attack.

Mobile

Mobile Telecommunications Cyber Attacks Internet

Sandworm APT targets Ukraine with new SwiftSlicer wiper

Security Affairs

JANUARY 28, 2023

1/3 pic.twitter.com/pMij9lpU5J — ESET Research (@ESETresearch) January 27, 2023 The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The #SwiftSlicer wiper is written in Go programing language.

Telecommunications

Telecommunications Malware Hacking Technology

Russian Sandworm disrupts power in Ukraine with a new OT attack

Security Affairs

NOVEMBER 9, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The report includes a discovery and hardening guidance, Indicators of Compromise (IoCs) and Yara rules.

Telecommunications

Telecommunications Hacking Technology Internet

19-Year-Old man arrested for misusing leaked record from Optus Breach

Security Affairs

OCTOBER 6, 2022

.” The arrest is the result of Operation Guardian led by AFP which became aware of a number of text messages demanding some Optus customers transfer $2000 to a bank account or face their personal information being used for financial crimes. SecurityAffairs – hacking, Optus). Follow me on Twitter: @securityaffairs and Facebook.

Data breaches

Data breaches Scams Telecommunications Financial Services

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs

NOVEMBER 11, 2022

Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The researchers observed C2 infrastructure relying on dynamic DNS domains masquerading as Ukrainian telecommunication service providers. Pierluigi Paganini.

Ransomware

Ransomware Telecommunications DNS Hacking

Sandworm APT group hit Ukrainian news agency with five data wipers

Security Affairs

JANUARY 30, 2023

The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications

Telecommunications Malware Hacking Technology

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

. “FROZENBARENTS (aka Sandworm), a group attributed to Russian Armed Forces’ Main Directorate of the General Staff (GRU) Unit 74455, continues to focus heavily on the war in Ukraine with campaigns spanning intelligence collection, IO, and leaking hacked data through Telegram.” ” reads the report published by the Google TAG.

Phishing

Phishing Accountability Education Telecommunications

Israel’s Pager Attacks and Supply Chain Vulnerabilities

Schneier on Security

SEPTEMBER 24, 2024

Israel used this tactic against a Hamas bomb maker in 1996 and a Fatah activist in 2000. We know from an Edward Snowden document that the agency did this to a Cisco router destined for a Syrian telecommunications company. Even a small amount can do an impressive degree of damage.

Computers and Electronics

Computers and Electronics Telecommunications Risk Internet

Cyber Security Informer

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Trending Sources

The Belgacom hack was the work of the UK GCHQ intelligence agency

Google fixed a new Chrome Zero-Day actively exploited in the wild

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Sandworm APT targets Ukraine with new SwiftSlicer wiper

Russian Sandworm disrupts power in Ukraine with a new OT attack

19-Year-Old man arrested for misusing leaked record from Optus Breach

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Sandworm APT group hit Ukrainian news agency with five data wipers

Google TAG warns of Russia-linked APT groups targeting Ukraine

Israel’s Pager Attacks and Supply Chain Vulnerabilities

Stay Connected