In front of the police arrest Seven of the more prolific members of the group in late March, the Lapsus$ ransomware gang stole T-Mobile’s source code that same month. In a report published on Friday and discovered by The Vergesecurity journalist Brian Krebs shared screenshots of private Telegram messages that show the group has targeted the service provider multiple times.
“Several weeks ago, our surveillance tools discovered that a bad guy was using stolen credentials to gain access to an internal system containing active tool software,” T-Mobile said. with Krebs. “Our systems and processes function as designed, the intrusion is quickly shut down and closed, and the compromised credentials used have become obsolete.” The company added that “the systems accessed did not contain customer or government information or other similarly sensitive information.”
Initially, Lapsus$ accessed T-Mobile’s internal tools by purchasing stolen employee credentials on sites like Russian Market. After that, this group carried out a series of SIM swapping attacks. These types of intrusions typically involve a hacker taking over a target’s cell phone by transferring the number to a device they own. An attacker could then use that access to intercept SMS messages, including links to password resets and one-time codes for multi-factor authentication. Several members of Lapsus$ attempted to use their access to break into T-Mobile accounts linked to the FBI and the Department of Defense, but failed due to additional verification measures involved. relating to those accounts.
Hackers have frequently targeted T-Mobile in recent years. Last August, the company confirmed it had become the victim of a hack that viewed more than personal data 54 million won Its customers are compromised. Such violation also involves SIM Swapping Attacks and may have even seen the carrier secret pay a third party company to limit the damage.
All products recommended by Engadget are handpicked by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.