Lapsus$ hackers breached T-Mobile systems and stole its source code


Hacking group Lapsus$ stole T-Mobile’s source code in a series of breaches that took place in March, as first reported Krebs on security. T-Mobile confirmed the attack in a statement to the edgeand says the “systems accessed did not contain customer or government or other similarly sensitive information.”

In copies of private messages obtained by Krebs, the Lapsus$ hacker group discussed targeting T-Mobile in the week before the arrest of seven of its teenage members. After purchasing employee credentials online, members could use the company’s internal tools, such as Atlas, T-Mobile’s customer management system, to perform SIM swaps. This type of attack involves hijacking a target’s mobile phone by transferring their number to a device owned by the attacker. From there, the attacker can obtain text messages or calls received by that person’s phone number, including messages sent for multi-factor authentication.

According to screenshot messages posted by Krebs, Lapsus$ hackers also attempted to access FBI and Department of Defense T-Mobile accounts. Ultimately, they were unable to do so, as additional verification measures were required.

“Several weeks ago, our monitoring tools detected a bad actor using stolen credentials to access internal systems that host operating tools software,” T-Mobile said in a statement emailed to the edge. “Our systems and processes worked as designed, the intrusion was quickly shut down and closed, and the compromised credentials used were rendered obsolete.”

T-Mobile has been the victim of several attacks over the years. Although this particular attack did not affect customer data, previous incidents did. In August 2021, a breach exposed the personal information belonging to more than 47 million customers, while another attack that occurred just a few months later compromised “a small number” of customer accounts.

Lapsus$ has made a name for itself as a hacking group that primarily targets the source code of big tech companies, such as Microsoft, Samsung, and Nvidia. The group, which is reportedly run by a teenage mastermind, has also targeted Ubisoft, Apple Health partner Globant, and authentication company Okta.


Source link
Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts