National Security

Hacking Group Is Stealing Personal Data, Communications From Telecom Carriers, Researchers Find

Photo by NICOLAS ASFOURI/AFP via Getty Images

Daily Caller News Foundation logo
Ailan Evans Tech Reporter
Font Size:

A group of hackers has gained access to telecommunications infrastructure and is retrieving personal information and communications records, according to a report released Tuesday by cybersecurity company CrowdStrike.

The group, known as “LightBasin,” has operated since at least 2016 and is “utilizing scanning/packet-capture tools to retrieve highly specific information from mobile communication infrastructure, such as subscriber information and call metadata,” according to a report written by Jamie Harris and Dan Mayer at CrowdStrike. (RELATED: Neiman Marcus Hacked, Exposing Personal Data Of Up To 4.6 Million Customers)

Rather than hacking individual devices, the hackers are infiltrating global telecommunications networks to access personal data, according to the report. The researchers identified 13 telecommunications companies that LightBasin hacked since 2019.

A contract crew for Verizon, works on a cell tower to update it to handle the new 5G network in Orem, Utah on December 10, 2019. (Photo by GEORGE FREY/AFP via Getty Images)

A contract crew for Verizon, works on a cell tower to update it to handle the new 5G network in Orem, Utah on December 10, 2019. (Photo by GEORGE FREY/AFP via Getty Images)

“They don’t need to deploy the malware onto your phone if they’re owning the network that your phone is riding on,” Adam Meyers, senior vice president of intelligence at CrowdStrike, told CyberScoop. Meyers said that the hackers were able to intercept text messages, as “where this is happening, and the scale that it’s happening, there’s still quite a bit of text message traffic that occurs.”

The researchers also noticed that the hackers used tools that required knowledge of the Chinese language, but they did not assert a direct connection between the hacking group and China. (RELATED: Chinese Bot Network Used Social Media To Encourage Asian American Protests, Researchers Find)

“This report reflects the ongoing cybersecurity risks facing organizations large and small and the need to take concerted action,” a spokesperson for the U.S. Cybersecurity and Infrastructure Security Agency told Reuters. “Common sense steps include implementing multifactor authentication, patching, updating software, deploying threat detection capabilities, and maintaining an incident response plan.”

Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact licensing@dailycallernewsfoundation.org.