The Cyber Security News

Telecom and BPO Companies Under Attack by SIM Swapping Hackers

December 6, 2022

A persistent intrusion campaign has set its sights on telecommunications and business process outsourcing (BPO) companies since at least June 2022.

“The end objective of this campaign seems to be to obtain access to mobile carrier networks and, as evidenced in two investigations, carry out SIM swapping activity,” CrowdStrike researcher Tim Parisi said in an analysis published last week.

The financially motivated attacks have been attributed by the cybersecurity company to an actor tracked as Scattered Spider.

Initial access to the target environment is said to be obtained through a variety of methods, including social engineering that uses phone calls and messages sent via Telegram to impersonate IT personnel.

This technique is leveraged to direct victims to a credential harvesting site or trick them into installing commercial remote monitoring and management (RMM) tools like Zoho Assist and Getscreen.me.

Should the target accounts be secured by two-factor authentication (2FA), the threat actor either convinced the victim to share the one-time password or employed a technique called prompt bombing, which was put to use in the recent breaches of Cisco and Uber.

In an alternative infection chain observed by CrowdStrike, a user’s stolen credentials, previously obtained through unknown means, were used by the adversary to authenticate to the organization’s Azure tenant.

Another instance involved the exploitation of a critical remote code execution bug in the ForgeRock OpenAM access management solution (CVE-2021-35464) that came under active exploitation last year.

Many of the attacks also involved Scattered Spider gaining access to the compromised entity’s multi-factor authentication (MFA) console to enroll their own devices for persistent remote access through legitimate remote access tools to avoid raising red flags.
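For defenders, the prompt bombing and attacker-enrolled MFA device behaviours described above can be hunted for in MFA audit logs. The following is an added example, not code from the article or from CrowdStrike's analysis; the event names, tuple layout and thresholds are assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (timestamp, user, action, device).
# Hypothetical layout, not any vendor's real log schema.
SAMPLE_EVENTS = [
    ("2022-12-01T08:00:00", "carol", "push_denied", "dev-C"),
    ("2022-12-01T08:20:00", "carol", "push_denied", "dev-C"),
    ("2022-12-01T08:40:00", "carol", "push_denied", "dev-C"),
    ("2022-12-01T08:41:00", "carol", "push_approved", "dev-C"),
    ("2022-12-01T09:00:00", "bob", "push_denied", "dev-B"),
    ("2022-12-01T09:00:05", "alice", "push_denied", "dev-A"),
    ("2022-12-01T09:00:20", "bob", "push_approved", "dev-B"),
    ("2022-12-01T09:00:40", "alice", "push_denied", "dev-A"),
    ("2022-12-01T09:01:10", "alice", "push_denied", "dev-A"),
    ("2022-12-01T09:02:00", "alice", "push_denied", "dev-A"),
    ("2022-12-01T09:02:30", "alice", "push_approved", "dev-A"),
    ("2022-12-01T09:10:00", "alice", "device_enrolled", "dev-X"),
    ("2022-12-01T11:00:00", "bob", "device_enrolled", "dev-B2"),
]

WINDOW = timedelta(minutes=10)      # assumed burst window for denied prompts
MIN_DENIED = 3                      # assumed number of denials that makes a burst
ENROLL_GAP = timedelta(minutes=30)  # assumed follow-up window for enrollment

def detect(events, window=WINDOW, min_denied=MIN_DENIED, enroll_gap=ENROLL_GAP):
    """Flag an approval that ends a burst of denied pushes, and any
    device enrollment by the same user shortly after that approval."""
    denied = defaultdict(list)  # user -> timestamps of recent denied pushes
    bombed = {}                 # user -> time of the suspicious approval
    alerts = []
    for ts_raw, user, action, _device in sorted(events):
        ts = datetime.fromisoformat(ts_raw)
        # Keep only denials that are still inside the sliding window.
        denied[user] = [t for t in denied[user] if ts - t <= window]
        if action == "push_denied":
            denied[user].append(ts)
        elif action == "push_approved":
            if len(denied[user]) >= min_denied:
                alerts.append(("prompt_bombing", user, ts_raw))
                bombed[user] = ts
            denied[user].clear()
        elif action == "device_enrolled":
            if user in bombed and ts - bombed[user] <= enroll_gap:
                alerts.append(("enroll_after_bombing", user, ts_raw))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

In the constructed data only alice is flagged: bob's single denied prompt and carol's widely spaced denials stay below the burst threshold.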

Initial access and persistence steps are followed by reconnaissance of Windows, Linux, Google Workspace, Azure Active Directory, Microsoft 365, and AWS environments as well as lateral movement, while also downloading additional tools to exfiltrate VPN and MFA enrollment data in select cases.

“These strategies are particularly persistent and brazen,” Parisi noted. “Once the adversary is contained or operations are disrupted, they right away move on to target other corporations in the telecom and BPO sectors.”

Some parts of this article are sourced from:
thehackernews.com