Hacking and Telecommunications - Cyber Security Informer

Nation-State Attacker of Telecommunications Networks

Schneier on Security

OCTOBER 22, 2021

Someone has been hacking telecommunications networks around the world: LightBasin (aka UNC1945) is an activity cluster that has been consistently targeting the telecommunications sector at a global scale since at least 2016, leveraging custom tools and an in-depth knowledge of telecommunications network architectures.

Telecommunications

Telecommunications Architecture Mobile Hacking

Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia

Security Affairs

APRIL 28, 2025

Earth Kurma APT carried out a sophisticated campaign against government and telecommunications sectors in Southeast Asia. Organizations face potential compromise of sensitive government and telecommunications data, the researchers speculate the attackers maintained prolonged, undetected access to their networks.

Telecommunications

Telecommunications Government Malware Hacking

Syniverse Hack

Schneier on Security

OCTOBER 6, 2021

No details about the hack. I’ve never heard of the company. It could be nothing. It could be a national intelligence service looking for information.

Hacking

Hacking Telecommunications Mobile Data breaches

Arguing Against CALEA

Schneier on Security

APRIL 8, 2025

Compromising our telecommunications infrastructure is now little different from performing any other kind of computer intrusion or data breach, a well-known and endemic cybersecurity problem. The hacks reportedly may have resulted in the “vast collection of internet traffic”; from the telecom and internet giants.

Telecommunications

Telecommunications Internet Internet Government

Video: Salt Typhoon Hacks Major Telecom Giants Using Malware

eSecurity Planet

DECEMBER 4, 2024

In this video, we delve into the world of cybercrime with our feature on the Salt Typhoon incident, where hackers successfully breached major telecommunications companies. The post Video: Salt Typhoon Hacks Major Telecom Giants Using Malware appeared first on eSecurity Planet.

Hacking

Hacking Malware Telecommunications Cybercrime

Hacked by Police

Schneier on Security

JULY 3, 2020

French police hacked EncroChat secure phones, which are widely used by criminals: Encrochat's phones are essentially modified Android devices, with some models using the "BQ Aquaris X2," an Android handset released in 2018 by a Spanish electronics company, according to the leaked documents. Lots of details about the hack in the article.

Hacking

Hacking Telecommunications Encryption Firewall

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

Krebs on Security

DECEMBER 14, 2020

all ten of the top ten US telecommunications companies. FireEye posits the impact of the hack on SolarWinds is widespread, affecting public and private organizations around the world. The Reuters story quotes several anonymous sources saying the intrusions at the Commerce and Treasury departments could be just the tip of the iceberg.

Hacking

Hacking Antivirus Software Accountability

RansomHub gang claims the hack of the telecommunications giant Frontier Communications

Security Affairs

JUNE 4, 2024

The RansomHub ransomware group added the American telecommunications company Frontier Comunications to the list of victims on its Tor leak site. The RansomHub ransomware group claimed to have stolen the information of over 2 million customers from the American telecommunications company Frontier Communications.

Telecommunications

Telecommunications Hacking Data breaches Cybercrime

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. Do NOT conduct CFPB work using mobile voice calls or text messages,” reads the email sent to the employees referencing a recent government statement acknowledging the telecommunications infrastructure attack.

Hacking

Hacking Internet Internet Malware

Another Massive Russian Hack of US Government Networks

Schneier on Security

DECEMBER 15, 2020

The press is reporting a massive hack of US government networks by sophisticated Russian hackers. Officials said a hunt was on to determine if other parts of the government had been affected by what looked to be one of the most sophisticated, and perhaps among the largest, attacks on federal systems in the past five years.

Government

Government Hacking Telecommunications Education

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

is a French telecommunications company, subsidiary of Iliad S.A. that provides voice, video, data, and Internet telecommunications to consumers in France. Recently, many cybercriminals have been creating profiles shortly before sharing information about hacks, attacks, or data leaks in France.” Free S.A.S.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

Ukrainian telecommunications operators hit by DarkCrystal RAT malware

Security Affairs

JUNE 27, 2022

The Ukrainian CERT-UA warns of attacks against Ukrainian telecommunications operators involving the DarkCrystal RAT. The Governmental Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a malware campaign targeting Ukrainian telecommunications operators with the DarkCrystal RAT. SecurityAffairs – hacking, RAT).

Telecommunications

Telecommunications Malware Media Passwords

European Telecommunications Standards Institute (ETSI) suffered a data breach

Security Affairs

OCTOBER 2, 2023

The European Telecommunications Standards Institute (ETSI) disclosed a data breach, threat actors had access to a database of its users. Threat actors stole a database containing the list of users of the portal of the European Telecommunications Standards Institute ( ETSI ).

Telecommunications

Telecommunications Data breaches Technology Passwords

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Krebs on Security

MARCH 5, 2021

In each incident, the intruders have left behind a “web shell,” an easy-to-use, password-protected hacking tool that can be accessed over the Internet from any browser. organizations, including banks, credit unions, non-profits, telecommunications providers, public utilities and police, fire and rescue units.

Hacking

Hacking Software Government Internet

Cell Networks Hacked by (Probable) Nation-State Attackers

Schneier on Security

JULY 9, 2019

Original report : Based on the data available to us, Operation Soft Cell has been active since at least 2012, though some evidence suggests even earlier activity by the threat actor against telecommunications providers. The attack was aiming to obtain CDR records of a large telecommunications provider.

Hacking

Hacking Telecommunications Malware Passwords

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. According to public sources, the threat actors targeted ICS of at least 11 Ukrainian telecommunications providers leading to the disruption of their services. ” reads the advisory.

Telecommunications

Telecommunications Authentication Data collection Passwords

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. The Chinese APT focuses on government entities and telecommunications companies in Southeast Asia.

Mobile

Mobile Telecommunications Data breaches Hacking

Hacking Group Moshen Dragon Targets Asian Telecommunication Companies

Heimadal Security

MAY 3, 2022

Moshen Dragon is a strong hacking organization that has the capacity to change its strategy based on the kind of defenses they are encountering. The post Hacking Group Moshen Dragon Targets Asian Telecommunication Companies appeared first on Heimdal Security Blog. What Happened? What Happened? In […].

Telecommunications

Telecommunications Hacking Antivirus Passwords

Technical Report of the Bezos Phone Hack

Schneier on Security

JANUARY 24, 2020

Motherboard obtained and published the technical report on the hack of Jeff Bezos's phone, which is being attributed to Saudi Arabia, specifically to Crown Prince Mohammed bin Salman.investigators set up a secure lab to examine the phone and its artifacts and spent two days poring over the device but were unable to find any malware on it.

Hacking

Hacking Backups Spyware Encryption

Black Basta ransomware gang hit BT Group

Security Affairs

DECEMBER 4, 2024

British multinational telecommunications holding company BT Group (formerly British Telecom) announced it has shut down some of its servers following a Black Basta ransomware attack. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware)

Ransomware

Ransomware Telecommunications Healthcare Insurance

Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)

Security Affairs

MARCH 27, 2025

Arkana Security, a new ransomware group, claims to have breached the telecommunications provider WideOpenWest (WOW!). The new ransomware group Arkana Security claims to have hacked US telecom provider WOW!, is a US-based telecommunications company that provides broadband internet, cable TV, and phone services. ” WOW!

Hacking

Hacking Telecommunications Data breaches Internet

African multinational telco giant MTN Group disclosed a data breach

Security Affairs

APRIL 26, 2025

African multinational telecommunications company MTN Group disclosed a data breach that exposed subscribers’ personal information. MTN Group Limited is a South African multinational telecommunications company headquartered in Johannesburg.

Data breaches

Data breaches Telecommunications Financial Services Mobile

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Security Affairs

DECEMBER 4, 2024

The US government’s continued investigation into the People’s Republic of China (PRC) targeting of commercial telecommunications infrastructure has revealed a broad and significant cyber espionage campaign.” reads the report published by the telecommunications company. “To ” reads the joint advisory.

Telecommunications

Telecommunications Government Mobile Cyber threats

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

. “The US government’s continued investigation into the People’s Republic of China (PRC) targeting of commercial telecommunications infrastructure has revealed a broad and significant cyber espionage campaign.” ” reads the joint statement issued by CISA and FBI. law enforcement requests pursuant to court orders.

Government

Government Telecommunications Surveillance Risk

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Security Affairs

JANUARY 18, 2025

telecommunication and internet service providers. The US Treasurys OFAC also sanctionedYin Kecheng, a Shanghai-based cyber actor who was involved with the recent hack of the Department of the Treasury’s network. for its involvement in the activities of the Salt Typhoon APT group, which recently compromised multiple U.S.

Cybersecurity

Cybersecurity Telecommunications Government Healthcare

China-linked hackers target telecommunication providers in the Middle East

Security Affairs

MARCH 24, 2023

Researchers reported that China-linked hackers targeted telecommunication providers in the Middle East in the first quarter of 2023. In the first quarter of 2023, SentinelLabs researchers spotted the initial phases of attacks against telecommunication providers in the Middle East. ” reads the report published by SentinelLabs.

Telecommunications

Telecommunications Malware Mobile Internet

Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries

The Hacker News

NOVEMBER 26, 2024

The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications companies.

Hacking

Hacking Telecommunications Malware

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

. “The US government’s continued investigation into the People’s Republic of China (PRC) targeting of commercial telecommunications infrastructure has revealed a broad and significant cyber espionage campaign.” ” reads the joint statement issued by CISA and FBI. law enforcement requests pursuant to court orders.

Government

Government Telecommunications Surveillance Risk

TalkTalk confirms data breach involving a third-party platform

Security Affairs

JANUARY 27, 2025

UK telecommunications firm TalkTalk disclosed a data breach after a threat actor announced the hack on a cybercrime forum. UK telecommunications company TalkTalk confirmed a data breach after a threat actor claimed responsibility for the cyber attack on a cybercrime forum and offered for sale alleged customer data.

Data breaches

Data breaches Telecommunications Cybercrime Hacking

T-Mobile detected network intrusion attempts and blocked them

Security Affairs

NOVEMBER 28, 2024

“Like the entire telecommunications industry, T-Mobile has been closely monitoring ongoing reports about a series of highly coordinated cyberattacks by bad actors known as “Salt Typhoon” that are reported to be linked to Chinese state-sponsored operations. ” reads the report published by the telecommunications company.

Mobile

Mobile Telecommunications Government Internet

FBI Shuts Down Chinese Botnet

Schneier on Security

SEPTEMBER 19, 2024

Those devices were used to help infiltrate sensitive networks related to universities, government agencies, telecommunications providers, and media organizations… The botnet was launched in mid-2021, according to the FBI, and infected roughly 260,000 devices as of June 2024.

Telecommunications

Telecommunications Media Malware Internet

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Security Affairs

MAY 1, 2025

The financially-motivated group targeted organizations in the media, tourism, finance, insurance, manufacturing, energy, telecommunications, biotechnology and retail sectors. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,malware)

Malware

Malware Phishing Telecommunications Retail

Russia warns financial sector organizations of IT service provider LANIT compromise

Security Affairs

FEBRUARY 25, 2025

The group serves various sectors, including finance, government, healthcare, and telecommunications. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, NKTsKI ) designated military-industrial base entities such as Rostec and United Aircraft Corporation.”

Telecommunications

Telecommunications Software Technology Healthcare

Deep Panda Hacking Group Is Targeting VMware Horizon Servers

Heimadal Security

APRIL 1, 2022

In addition to the government, military, banking, and telecommunications sectors, Deep Panda is a suspected Chinese threat organization that has been known to target a wide range of businesses. The post Deep Panda Hacking Group Is Targeting VMware Horizon Servers appeared first on Heimdal Security Blog.

Hacking

Hacking Telecommunications Healthcare Banking

Americans urged to use encrypted messaging after large, ongoing cyberattack

Malwarebytes

DECEMBER 5, 2024

Speaking to Reuters , a senior US official said the attack telecommunications infrastructure was broad and that the hacking was still ongoing. The state-sponsored actor behind the attack is an Advanced Persistent Threat (APT) group known as Salt Typhoon, believed to be tied to the People’s Republic of China (PRC).

Encryption

Encryption Identity Theft Media Telecommunications

SFO discloses data breach following the hack of 2 of its websites

Security Affairs

APRIL 11, 2020

San Francisco International Airport (SFO) disclosed a data breach, its websites SFOConnect.com and SFOConstruction.com were hacked last month. SecurityAffairs – hacking, data breach). The post SFO discloses data breach following the hack of 2 of its websites appeared first on Security Affairs. Pierluigi Paganini.

Data breaches

Data breaches Hacking Telecommunications Advertising

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Security Affairs

JANUARY 18, 2025

telecommunication and internet service providers. The US Treasurys OFAC also sanctionedYin Kecheng, a Shanghai-based cyber actor who was involved with the recent hack of the Department of the Treasury’s network. for its involvement in the activities of the Salt Typhoon APT group, which recently compromised multiple U.S.

Cybersecurity

Cybersecurity Telecommunications Government Healthcare

Illegal Data Center Hidden in Former NATO Bunker

Schneier on Security

OCTOBER 9, 2019

Investigators say the platforms it hosted included "Cannabis Road," a drug-dealing portal; the "Wall Street Market," which was one of the world's largest online criminal marketplaces for drugs, hacking tools and financial-theft wares until it was taken down earlier this year; and sites such as "Orange Chemicals" that dealt in synthetic drugs.

Telecommunications

Telecommunications Marketing Hacking

China-linked LightBasin group accessed calling records from telcos worldwide

Security Affairs

OCTOBER 20, 2021

China-linked cyberespionage group LightBasin hacked mobile telephone networks around the world and used specialized tools to access calling records. CrowdStrike researchers reported that at least 13 telecommunication companies were compromised by since 2019. ” reads the report published by Crowdstrike.

Telecommunications

Telecommunications Mobile Hacking Architecture

A cyber attack briefly disrupted South African Airways operations

Security Affairs

MAY 9, 2025

” In April 2025, the South African multinational telecommunications company MTN Group Limited disclosed a data breach that exposed subscribers personal information, it added that the incident did not impact the core network, billing systems and financial services infrastructure.

Cyber Attacks

Cyber Attacks Data breaches Telecommunications Mobile

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Storm-2372s targets during this time have included government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East.”

Phishing

Phishing Authentication Telecommunications Accountability

Security Affairs newsletter Round 498 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 17, 2024

Agency Warns Employees About Phone Use Amid Ongoing China Hack APT Actors Embed Malware within macOS Flutter Applications The Botnet is Back: SSC STRIKE Team Uncovers a Renewed Cyber Threat Iranian “Dream Job” Campaign 11.24

Cryptocurrency

Cryptocurrency Malware Hacking Ransomware

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Ukraine) The malspam messages had the topic Free primary legal aid use a password-protected attachment Algorithm of actions of members of the family of a missing serviceman LegalAid.rar.

Computers and Electronics

Computers and Electronics Telecommunications Malware Surveillance

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

Iranian hackers recently have been blamed for hacking VPN servers around the world in a bid to plant backdoors in large corporate networks. As the Citrix hack shows, if you don’t know you should probably check, and then act on the results accordingly. 28, 2018, a claim Citrix initially denied but later acknowledged.

VPN

VPN Passwords Software Telecommunications

Nation-State Attacker of Telecommunications Networks

Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia

Trending Sources

Syniverse Hack

Arguing Against CALEA

Video: Salt Typhoon Hacks Major Telecom Giants Using Malware

Hacked by Police

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

RansomHub gang claims the hack of the telecommunications giant Frontier Communications

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Another Massive Russian Hack of US Government Networks

France’s second-largest telecoms provider Free suffered a cyber attack

Ukrainian telecommunications operators hit by DarkCrystal RAT malware

European Telecommunications Standards Institute (ETSI) suffered a data breach

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Cell Networks Hacked by (Probable) Nation-State Attackers

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Hacking Group Moshen Dragon Targets Asian Telecommunication Companies

Technical Report of the Bezos Phone Hack

Black Basta ransomware gang hit BT Group

Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)

African multinational telco giant MTN Group disclosed a data breach

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

China-linked hackers target telecommunication providers in the Middle East

Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

TalkTalk confirms data breach involving a third-party platform

T-Mobile detected network intrusion attempts and blocked them

FBI Shuts Down Chinese Botnet

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Russia warns financial sector organizations of IT service provider LANIT compromise

Deep Panda Hacking Group Is Targeting VMware Horizon Servers

Americans urged to use encrypted messaging after large, ongoing cyberattack

SFO discloses data breach following the hack of 2 of its websites

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Illegal Data Center Hidden in Former NATO Bunker

China-linked LightBasin group accessed calling records from telcos worldwide

A cyber attack briefly disrupted South African Airways operations

Storm-2372 used the device code phishing technique since August 2024

Security Affairs newsletter Round 498 by Pierluigi Paganini – INTERNATIONAL EDITION

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Hackers Were Inside Citrix for Five Months

Stay Connected