Hacking, Information Security and Mobile

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. and international telecom firms.

Mobile

Mobile Telecommunications Data breaches Hacking

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” and its allies for hacking activities in July.

Hacking

Hacking Internet Internet Malware

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Security Affairs

FEBRUARY 2, 2025

The hacking campaign targeted 90 users and was disrupted in December, WhatsApp already alerted them of a possible compromise of their devices. WhatsApp linked the hacking campaign to Paragon, an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024.

Spyware

Spyware Hacking Surveillance Malware

Samsung zero-day flaw actively exploited in the wild

Security Affairs

OCTOBER 22, 2024

A vulnerability resides in Samsung mobile processors and according to the experts, it has been chained with other vulnerabilities to achieve arbitrary code execution on vulnerable devices. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Samsung)

Firmware

Firmware Mobile Spyware Media

VMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCX

Security Affairs

OCTOBER 17, 2024

VMWare warns to address a remote code execution vulnerability, tracked as CVE-2024-38814 (CVSS score of 8.8), in its HCX application mobility platform. ” VMware HCX (Hybrid Cloud Extension) is a workload mobility platform designed to simplify the migration, rebalancing, and continuity of workloads across data centers and clouds.

Authentication

Authentication Mobile Hacking Information Security

Thai police arrested Chinese hackers involved in SMS blaster attacks

Security Affairs

NOVEMBER 25, 2024

” An SMS blaster attack is a cyberattack where a large number of malicious or fraudulent SMS messages are sent to mobile devices within a specific area or to a targeted group. SMS blaster attacks can exploit vulnerabilities in mobile networks and typically require proximity to the targeted devices for localized attacks.

Mobile

Mobile Scams Technology Telecommunications

Mobile virtual network operator Mint Mobile discloses a data breach

Security Affairs

DECEMBER 23, 2023

Mobile virtual network operator Mint Mobile suffered a new data breach, threat actors had access to customers’ personal information. Mint Mobile experienced a recent data breach, exposing customers’ personal information to unauthorized access by threat actors.

Data breaches

Data breaches Mobile Wireless Data collection

Hackers breached MDM firm Mobile Guardian and wiped thousands of devices

Security Affairs

AUGUST 6, 2024

Threat actors breached the UK-based mobile device management (MDM) firm Mobile Guardian and remotely wiped thousands of devices. Hackers breached the mobile device management (MDM) firm Mobile Guardian, the company detected unauthorized access to iOS and ChromeOS devices on August 4th. ” reported the MOE.

Mobile

Mobile Education Hacking Cybercrime

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Security Affairs

OCTOBER 31, 2024

Interbank disclosed a data breach after a threat actor claimed the hack of the organization and leaked stolen data online. We want to reassure you that Interbank guarantees the security of your deposits and all your financial products.” Interbank , formally the Banco Internacional del Perú Service Holding S.A.A.

Data breaches

Data breaches Financial Services Hacking Mobile

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

Security Affairs

MARCH 29, 2025

“The emergence of the Crocodilus mobile banking Trojan marks a significant escalation in the sophistication and threat level posed by modern malware. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,malware) . ” ThreatFabric concludes.

Banking

Banking Mobile Identity Theft Malware

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

million mobile and fixed subscribers. “” The telecommunications firm has filed a criminal complaint and informed France’s agencies National Commission for Information Technology and Civil Liberties (CNIL) and the National Agency for the Security of Information Systems (ANSSI). . Free S.A.S.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

Attackers exploited SonicWall SMA appliances since January 2025

Security Affairs

APRIL 19, 2025

Threat actors are actively exploiting a remote code execution flaw in SonicWall Secure Mobile Access (SMA) appliances since January 2025. Arctic Wolf researchers warn that threat actors actively exploit a vulnerability, tracked as CVE-2021-20035 (CVSS score of 7.1), in SonicWall Secure Mobile Access (SMA) since at least January 2025.

Passwords

Passwords VPN Firewall Accountability

OP KAERB: Europol dismantled phishing scheme targeting mobile users

Security Affairs

SEPTEMBER 21, 2024

A joint international law enforcement operation led by Europol dismantled a major phishing scheme targeting mobile users. Europol supported European and Latin American law enforcement agencies in dismantling an international criminal network that unlocks stolen or lost mobile phones using a phishing platform.

Mobile

Mobile Phishing Computers and Electronics Marketing

Russian authorities arrest three suspects behind Mamont Android banking trojan

Security Affairs

MARCH 28, 2025

. “Preliminary findings indicate that the suspects developed malware called Mamont, which they distributed via Telegram channels under the guise of safe mobile applications and video files. Crooks typically disguise the malicious code as legitimate mobile apps or video files.

Banking

Banking Computers and Electronics Mobile Malware

750 million Indian mobile subscribers’ data offered for sale on dark web

Security Affairs

JANUARY 30, 2024

Data of 750 million Indian mobile subscribers was offered for sale on dark web hacker forums earlier in January. CloudSEK researchers warned that a database containing data of 750 million Indian mobile subscribers was offered for sale on dark web hacker forums earlier in January.

Mobile

Mobile Identity Theft Cybercrime Cyber Attacks

WhatsApp fixed a spoofing flaw that could enable Remote Code Execution

Security Affairs

APRIL 8, 2025

The hacking campaign targeted 90 users and was disrupted in December, WhatsApp immediately alerted targeted users of a possible compromise of their devices. The Meta-owned company linked the hacking campaign to Paragon , an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024.

Spyware

Spyware Media Hacking Surveillance

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Security Affairs

MARCH 21, 2025

Zero-day prices have risen as the level of security of messaging apps and mobile devices becomes harder to hack. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,zero-day)

Government

Government Surveillance Mobile Hacking

South African telecom provider Cell C disclosed a data breach following a cyberattack

Security Affairs

APRIL 13, 2025

Cell C is the fourth-largest mobile network operator in South Africa, , after Vodacom, MTN, and Telkom. The company founded in 2001 offers prepaid and postpaid mobile plans, data bundles and internet services, fiber broadband, roaming and international calling, SIM-only plans and device deals.

Data breaches

Data breaches Unstructured Data Identity Theft Healthcare

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Security Affairs

APRIL 16, 2025

” In September, security researchers from G DATA discovered more than two dozen Android mobile phones from different manufacturers already infected by pre-installed malware. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Chinese Android phone )

Malware

Malware Manufacturing Mobile Spyware

Canada bans WeChat and Kaspersky apps on government-issued mobile devices

Security Affairs

OCTOBER 30, 2023

Canada banned the Chinese messaging app WeChat and Kaspersky antivirus on government mobile devices due to privacy and security risks. The Government of Canada announced a ban on the use of the WeChat and Kaspersky applications on government-issued mobile devices due to privacy and security risks.

Mobile

Mobile Government Data collection Antivirus

15 SpyLoan Android apps found on Google Play had over 8 million installs

Security Affairs

NOVEMBER 30, 2024

SpyLoan activity has surged, with malicious apps and infected devices increasing over 75% from Q2 to Q3 2024, highlighting their growing mobile threat presence. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Google Play)

Social Engineering

Social Engineering Media Mobile Scams

New Triada Trojan comes preinstalled on Android devices

Security Affairs

APRIL 2, 2025

In March 2018, security researchers at Antivirus firmDr.Web discovered that 42 models of low-cost Android smartphones were shipped with the Android.Triada.231 The Triada Trojan was spotted for the first time in 2016 by researchers at Kaspersky Lab who considered it the most advanced mobile threat seen to the date of the discovery.

Malware

Malware Cryptocurrency Mobile Firmware

Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024

Security Affairs

APRIL 29, 2025

.” In 2024, over 60% of zero-day exploits targeting enterprise tech hit security and networking tools, offering attackers efficient access to systems and networks. GTIG experts reported that in 2024, zero-day attacks targeting enterprise tech grew, while browser and mobile exploits dropped. ” continues the report.

Surveillance

Surveillance Mobile Software Hacking

Data leak exposes users of car-sharing service Blink Mobility

Security Affairs

DECEMBER 21, 2023

More than 22,000 users of Blink Mobility should take the necessary steps to protect themselves against the risk of identity theft. Los Angeles-based electric car-sharing provider Blink Mobility left a misconfigured MongoDB database open to the public.

Mobile

Mobile Identity Theft Passwords Phishing

A cyber attack briefly disrupted South African Airways operations

Security Affairs

MAY 9, 2025

The breach temporarily disrupted access to the airlines website, mobile application, and several internal operational systems, prompting swift response measures to mitigate its effects.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,South African Airways)

Cyber Attacks

Cyber Attacks Data breaches Telecommunications Mobile

African multinational telco giant MTN Group disclosed a data breach

Security Affairs

APRIL 26, 2025

Founded in 1994, it has grown to become Africa’s largest mobile network operator, serving over 290 million subscribers across 18 countries in Africa and the Middle East. The company is also expanding into areas like mobile money and digital entertainment, aiming to become Africas leading digital platform.

Data breaches

Data breaches Telecommunications Financial Services Mobile

Former British Prime Minister Liz Truss ‘s phone was allegedly hacked by Russian spies

Security Affairs

OCTOBER 30, 2022

According to the Daily Mail, Former British Prime Minister Liz Truss ‘s personal phone was hacked by Russian spies. The personal mobile phone of British Prime Minister Liz Truss was hacked by cyber spies suspected of working for the Kremlin, the Daily Mail reported. SecurityAffairs – hacking, Liz Truss).

Hacking

Hacking Mobile Government Cyber threats

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 3, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cryptocurrency

Cryptocurrency Hacking Phishing Cyber Attacks

Attackers can discover IP address by sending a link over the Skype mobile app

Security Affairs

AUGUST 28, 2023

A security researcher demonstrated how to discover a target’s IP address by sending a link over the Skype mobile app. The security researcher Yossi discovered that is possible to discover a target’s IP address by sending a link over the Skype mobile app. The problem only impacts the Skype mobile app.

Mobile

Mobile Media VPN Risk

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

IntelBroker targeted many major organizations in past attacks, including AMD , AT&T, Bank of America, Microsoft, Europol , SAP, T-Mobile, Verizon, and others. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, data breach)

Cybercrime

Cybercrime Data breaches Technology Banking

Californian IT company DNA Micro leaks private mobile phone data

Security Affairs

OCTOBER 18, 2023

IMEI is a unique number assigned to each mobile device and is used to identify a device on a mobile network. If that happens, it can cause disruptions to the mobile service of the device. The leak also increases the risk of malware attacks, as exposed information about phone models could be exploited by threat actors.

Mobile

Mobile Phishing Manufacturing Risk

Phishing attacks target mobile users via progressive web applications (PWA)

Security Affairs

AUGUST 23, 2024

Cybercriminals use progressive web applications (PWA) to impersonate banking apps and steal credentials from mobile users. ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs).

Phishing

Phishing Mobile Banking Social Engineering

Black Basta ransomware gang hit BT Group

Security Affairs

DECEMBER 4, 2024

BT Group operates in 180 countries, the company leads in UK fixed-line, broadband, mobile, TV, and IT services. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware) The attack did not impact live BT Conferencing services.

Ransomware

Ransomware Telecommunications Healthcare Insurance

Kyivstar, Ukraine’s largest mobile carrier brought down by a cyber attack

Security Affairs

DECEMBER 12, 2023

The Ukrainian telecommunications company provides communication services and data transmission based on a broad range of fixed and mobile technologies, including 4G (LTE) in Ukraine. The Kyivstar mobile network serves about 26 million mobile customers and more than 1 million broadband fixed internet customers in the country.

Cyber Attacks

Cyber Attacks Mobile Internet Internet

iPhones in a law enforcement forensics lab mysteriously rebooted losing their After First Unlock (AFU) state

Security Affairs

NOVEMBER 8, 2024

Law enforcement warns that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them much harder to unlock, per a document obtained by 404 Media. 404 Media obtained the document from a mobile forensics source and verified it with another source. Apple has not yet commented on the issue.

Media

Media Mobile Passwords Hacking

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Security Affairs

DECEMBER 4, 2024

T-Mobile detected recent infiltration attempts but confirmed no unauthorized system access occurred, and no sensitive data was compromised. This is not the case at T-Mobile.” Connectivity to a compromised provider was interrupted, and T-Mobile notified industry and government leaders.

Telecommunications

Telecommunications Government Mobile Cyber threats

Apple indeed added a feature called “inactivity reboot” in iOS 18.1 that reboots locked devices

Security Affairs

NOVEMBER 12, 2024

Law enforcement warned that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them much harder to unlock, per a document obtained by 404 Media. 404 Media obtained the document from a mobile forensics source and verified it with another source.

Media

Media Wireless Mobile Encryption

Serbian student activist’s phone hacked using Cellebrite zero-day exploit

Security Affairs

MARCH 3, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, spyware) added Donncha Cearbhaill.

Hacking

Hacking Spyware Technology Surveillance

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Security Affairs

AUGUST 16, 2024

Researchers form mobile security firm iVerify reported that the issue stems from a pre-installed Android app called “Showcase.apk,” which runs with excessive system privileges, allowing it to remotely execute code and install remote package. ” reads the report. Google is also notifying other Android OEMs.

Hacking

Hacking Firmware Mobile Penetration Testing

Android Keyboard Apps with 2 Million downloads can remotely hack your device

Security Affairs

DECEMBER 2, 2022

Experts found multiple flaws in three Android Keyboard apps that can be exploited by remote attackers to compromise a mobile phone. SecurityAffairs – hacking, Android Keyboard). The post Android Keyboard Apps with 2 Million downloads can remotely hack your device appeared first on Security Affairs. Pierluigi Paganini.

Hacking

Hacking Authentication Mobile Passwords

Zoom addressed two high-severity issues in its platform

Security Affairs

NOVEMBER 13, 2024

Zoom Offensive Security reported both vulnerabilities, the vulnerabilities impact Zoom Workplace App, Rooms Client, Rooms Controller, Video SDK, and Meeting SDK prior to version 6.2.0 across desktop and mobile platforms, and Workplace VDI Client for Windows before version 6.1.12 (except 6.0.14).

Authentication

Authentication Mobile Hacking Information Security

Esperts found new DoNot Team APT group’s Android malware

Security Affairs

JANUARY 20, 2025

The DoNot APT group has been observed misusing the OneSignal platform, which typically provides tools for sending push notifications, in-app messages, emails, and SMS widely used in mobile and web applications. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,malware)

Malware

Malware Cyber Attacks Mobile Phishing

Threat actors hacked Taiwan-based Chunghwa Telecom

Security Affairs

MARCH 4, 2024

literally Chinese Telecom Company) is the largest integrated telecom service provider in Taiwan, and the incumbent local exchange carrier of PSTN, Mobile, and broadband services in the country. Threat actors stole sensitive information from the company, including military and government documents, revealed Taiwan’s Defense Ministry.

Hacking

Hacking Government Cyber threats Cyber Attacks

New Leak Shows Business Side of China’s APT Menace

Krebs on Security

FEBRUARY 22, 2024

A new data leak that appears to have come from one of China’s top private cybersecurity firms provides a rare glimpse into the commercial side of China’s many state-sponsored hacking groups. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government

Government Hacking Cyber threats Mobile

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Trending Sources

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Samsung zero-day flaw actively exploited in the wild

VMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCX

Thai police arrested Chinese hackers involved in SMS blaster attacks

Mobile virtual network operator Mint Mobile discloses a data breach

Hackers breached MDM firm Mobile Guardian and wiped thousands of devices

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

France’s second-largest telecoms provider Free suffered a cyber attack

Attackers exploited SonicWall SMA appliances since January 2025

OP KAERB: Europol dismantled phishing scheme targeting mobile users

Russian authorities arrest three suspects behind Mamont Android banking trojan

750 million Indian mobile subscribers’ data offered for sale on dark web

WhatsApp fixed a spoofing flaw that could enable Remote Code Execution

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

South African telecom provider Cell C disclosed a data breach following a cyberattack

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Canada bans WeChat and Kaspersky apps on government-issued mobile devices

15 SpyLoan Android apps found on Google Play had over 8 million installs

New Triada Trojan comes preinstalled on Android devices

Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024

Data leak exposes users of car-sharing service Blink Mobility

A cyber attack briefly disrupted South African Airways operations

African multinational telco giant MTN Group disclosed a data breach

Former British Prime Minister Liz Truss ‘s phone was allegedly hacked by Russian spies

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

Attackers can discover IP address by sending a link over the Skype mobile app

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Californian IT company DNA Micro leaks private mobile phone data

Phishing attacks target mobile users via progressive web applications (PWA)

Black Basta ransomware gang hit BT Group

Kyivstar, Ukraine’s largest mobile carrier brought down by a cyber attack

iPhones in a law enforcement forensics lab mysteriously rebooted losing their After First Unlock (AFU) state

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Apple indeed added a feature called “inactivity reboot” in iOS 18.1 that reboots locked devices

Serbian student activist’s phone hacked using Cellebrite zero-day exploit

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Android Keyboard Apps with 2 Million downloads can remotely hack your device

Zoom addressed two high-severity issues in its platform

Esperts found new DoNot Team APT group’s Android malware

Threat actors hacked Taiwan-based Chunghwa Telecom

New Leak Shows Business Side of China’s APT Menace

Stay Connected