
Hacking Group Is Stealing Personal Data, Communications From Telecom Carriers, Researchers Find

Ailan Evans Deputy Editor

A group of hackers has gained access to telecommunications infrastructure and is retrieving personal information and communications records, according to a report released Tuesday by cybersecurity company CrowdStrike.

The group, known as “LightBasin,” has operated since at least 2016 and is “utilizing scanning/packet-capture tools to retrieve highly specific information from mobile communication infrastructure, such as subscriber information and call metadata,” according to a report written by Jamie Harris and Dan Mayer at CrowdStrike.

Rather than hacking individual devices, the hackers are infiltrating global telecommunications networks to access personal data, according to the report. The researchers identified 13 telecommunications companies that LightBasin has hacked since 2019.

A contract crew for Verizon works on a cell tower to update it to handle the new 5G network in Orem, Utah on December 10, 2019. (Photo by GEORGE FREY/AFP via Getty Images)


“They don’t need to deploy the malware onto your phone if they’re owning the network that your phone is riding on,” Adam Meyers, senior vice president of intelligence at CrowdStrike, told CyberScoop. Meyers said that the hackers were able to intercept text messages, as “where this is happening, and the scale that it’s happening, there’s still quite a bit of text message traffic that occurs.”

The researchers also noticed that the hackers used tools that required knowledge of the Chinese language, but they did not assert a direct connection between the hacking group and China.

“This report reflects the ongoing cybersecurity risks facing organizations large and small and the need to take concerted action,” a spokesperson for the U.S. Cybersecurity and Infrastructure Security Agency told Reuters. “Common sense steps include implementing multifactor authentication, patching, updating software, deploying threat detection capabilities, and maintaining an incident response plan.”
