After gaining access to mobile carriers’ internal servers, the hackers would have access to call data records on hundreds of millions of customers.
Cybereason’s researchers found that the attackers gained access to more than a dozen mobile carriers by exploiting old vulnerabilities, like malware hidden in a Microsoft Word file or finding an exposed public server belonging to a given company.
The hackers infected multiple mobile carriers since 2012, gaining control and siphoning off hundreds of gigabytes of data on people.
The attackers have been using that access over the last seven years to steal sensitive data, but have so much control they could shut down communications at a moment’s notice, according to Cybereason, a security company based in Boston.
Security researchers found that hackers had infiltrated more than a dozen mobile carriers since 2012.
Hackers have quietly infiltrated more than a dozen mobile carriers around the world, gaining complete control of networks behind the companies’ backs.
Victims wouldn’t even be able to know that their call data records are being stolen from mobile carriers.
“Hacking a company that has mountains of data that is always updating is the holy grail for an intelligence agency.”https://t.co/MrSLFpAAMs— CNET News (@CNETNews) June 25, 2019