A Us-based security firm revealed a report on Monday that penetrated the telecommunication networks of over ten cellular carriers all over the world.
The attack was conducted in Europe, Africa, the Middle East, and Asia to steal hundreds of gigabytes of metadata of some specific users.
The firm on Monday that, “The tools and techniques used throughout these attacks are consistent with several Chinese threat actors, specifically with APT10, a threat actor believed to operate on behalf of the Chinese Ministry of State Security (MSS).”
The company said, “has been active since at least 2017… The threat actor was attempting to steal all data stored in the active directory, compromising every single username and password in the organization, along with other personally identifiable information, billing data, call detail records, credentials, email servers, geo-location of users, and more.”
“Last year, we identified a threat actor that has been operating in telecommunications provider environments for at least two years. We performed a post-incident review of the attacks and were able to identify changes in the attack patterns along with new activity every quarter,” said Amit Serper, ‘Cybereason's Head of security research. He added, “This type of targeted cyber espionage is usually the work of nation-state threat actors.”