T-Networks’ mobile phones were infiltrated by Lapsus$ hackers who stole the company’s source code

T-Networks' mobile phones were infiltrated by Lapsus$ hackers who stole the company's source code

Tech Highlights:

  • In copies of private messages obtained by Krebs, the Lapsus$ hacking group discussed targeting T-Mobile in the week prior to the arrest of seven of its teenage members. After purchasing employees’ credentials online, the members could use the company’s internal tools — like Atlas, T-Mobile’s customer management system — to perform SIM swaps. This type of attack involves hijacking a target’s mobile phone by transferring its number to a device owned by the attacker. From there, the attacker can obtain texts or calls received by that person’s phone number, including any messages sent for multi-factor authentication.

  • T-source Mobile’s code was stolen by the Lapsus$ hacker organisation in a series of attacks in March, according to Krebs on Security. In a letter to The Verge, T-Mobile confirmed the hack and stated that the “systems hacked contained no customer or government information or any similarly sensitive information.”

Lapsus$ hackers also attempted to crack into the FBI and Department of Defense’s T-Mobile accounts
According to screenshotted messages posted by Krebs, Lapsus$ hackers also attempted to crack into the FBI and Department of Defense’s T-Mobile accounts. They were ultimately unable to do so, as additional verification measures were required.

T-Mobile has been the victim of several attacks over the years. Although this particular hack didn’t affect customers’ data, past incidents did. In August 2021, a breach exposed the personal information belonging to over 47 million customers, while another attack occurring just months later compromised “a small number” of customer accounts.

“Several weeks ago, our monitoring tools detected a bad actor using stolen credentials to access internal systems that house operational tools software,” T-Mobile said in an emailed statement to The Verge. “Our systems and processes worked as designed, the intrusion was rapidly shut down and closed off, and the compromised credentials used were rendered obsolete.”

Lapsus$ has made a name for itself as a hacking group that primarily targets the source code of large technology companies, like Microsoft, Samsung, and Nvidia. The group, which is reportedly led by a teenage mastermind, has also targeted Ubisoft, Apple Health partner Globant, and authentication company Okta. By submitting your email, you agree to our Terms and Privacy Notice. You can opt out at any time. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

From the news www.theverge.com

We will be happy to hear your thoughts

      Leave a reply

      Tech Reviews, News and Guides
      Logo