Hackers infiltrated the networks of at least ten cellular telcos around the world, and remained hidden for years in some cases, as part of a long-running, tightly targeted surveillance operation, The Register has learned. This espionage campaign is still ongoing, it is claimed.
Cyber-spy hunters at US security firm Cybereason told El Reg on Monday the miscreants responsible for the intrusions were, judging from their malware and skills, either part of the infamous Beijing-backed hacking crew dubbed APT10 – or someone operating just like them, perhaps deliberately so.
Whoever it was, the snoops apparently spent the past seven or more years inside 10-plus cellphone networks dotted around the planet. In some cases, we're told, the hackers were able to deploy their own VPN services on the telcos' infrastructure to gain quick, persistent, and direct access to the carriers rather than hop through compromised internal servers and workstations. These VPN services were not detected by the telcos' IT staff.
"It is straight up brazen," Cybereason principal security researcher Amit Serper told El Reg hours earlier. "They figured out there was a lot of lag in using hacked machines, and said: let's install a VPN and get it over with. I don't know if there is even [networking monitoring] coverage of those connections going in and out."
The undetected VPN deployments underscore just how deeply the hacker crew was able to drill into the unnamed telcos and compromise pretty much everything they needed to. The gang sought to gain access to hundreds of gigabytes of phone records and location data. This was all done, we're told, in order to spy on and gather the whereabouts of a group of 20 to 30...