Chinese hackers infect carriers to steal SMS messages
Malware tied to Chinese hackers has been found infecting telecommunication networks to steal SMS messages from thousands of phone numbers. The spying effort comes from a Chinese state-sponsored hacking group called APT 41, according to the cybersecurity firm FireEye. On Thursday, the company published a report on a malware strain from the group that's designed to infect Linux-based servers used by telecommunication carriers to route SMS messages.

Some time this year, FireEye uncovered the malicious computer code on a cluster of servers belonging to an unnamed telecommunication network provider. "During this intrusion, thousands of phone numbers were targeted, to include several high-ranking foreign individuals likely of interest to China," the company told PCMag.

Interestingly, the malware is selective about which SMS messages it will try to collect. The APT 41 hackers pre-programmed it using two lists. The first one searches out the target, based on the person's phone number and International Mobile Subscriber Identity (IMSI) number. The second list contains certain keywords that the malware will seek to find within the SMS messages. If one of the keywords is found in an SMS message, the malware will then save it in a .CSV file, which the hacker can later extract.

"The keyword list contained items of geopolitical interest for Chinese intelligence collection. Sanitized examples include the names of political leaders, military and intelligence organizations and political movements at odds with the Chinese government," FireEye researchers said in the report.

The suspected Chinese hackers behind the malware also clearly knew who they were targeting, since they had access to both the victims' phone numbers and the IMSI numbers, which are harder to come by. On some Android phones, you can access the IMSI number in the settings function. But the information is primarily used by telecommunication carriers to uniquely identify each subscriber on a cellular network, which suggests the hackers had some serious intel-collecting abilities.

In the same intrusion, the hackers were also found interacting with databases that contained voice call record details, including the time of the call, the duration and the phone numbers involved.

"In 2019, FireEye observed four telecommunication organizations targeted by APT41 actors," the company added in today's report, which refrained from naming the organizations hit. "Further, four additional telecommunications entities were targeted in 2019 by separate threat groups with suspected Chinese state-sponsored associations."

Other security researchers have also noticed suspected Chinese cyberspies infiltrating cellular networks. In June, security firm Cybereason uncovered evidence that Chinese hackers had broken into telecommunication carriers to steal call log and location data from "high-value" individuals across the globe.

The attacks underscore the risk of sending unencrypted information over cellular networks; the content is readable to whoever controls the SMS routing server. For especially sensitive messages, it's a good idea to use a mobile messaging app, such as WhatsApp or Signal, which offer end-to-end encryption.