Mar 03, 2023 06:00:00

T-Mobile turned out to be damaged by cybercrime such as `` SIM swap '' that hijacks smartphones more than 100 times in 2022

T-Mobile , one of the world's largest mobile carriers headquartered in Germany, acknowledged the leak of 100 million user information in the summer of 2021, and in January 2023 , 37 million new customer data. Security issues are often talked about, such as being reported to have leaked . Data from a security analysis company shows that more than 100 serious infringements, such as the hijacking of smartphones and the theft of all information, occurred for such T-Mobile throughout 2022.

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022 – Krebs on Security
https://krebsonsecurity.com/2023/02/hackers-claim-they-breached-t-mobile-more-than-100-times-in-2022/

According to data released by Brian Krebs of KrebsOnSecurity, which conducts security-related research and information dissemination, three criminal groups used T-Mobile employees to access internal tools, and from that access smartphones were temporarily It has been suggested that they are conducting attacks that create controlled cybercriminal targets. In particular, by identifying personal information from the user's own information or leaked information, and impersonating the user, the mobile phone company is contacted and all the information in the smartphone is sent to the fake SIM card. It is analyzed that cybercriminals are working on 'SIM swap'.

According to data from KrebsOnSecurity, a total of 104 “SIM replacement claims” were made to T-Mobile by hacker groups across all groups in the seven months from May to December 2022. . All three groups of SIM swappers discovered by KrebsOnSecurity are known to remain active in 2023. SIM swap related scams have been observed with providers other than T-Mobile, but much less frequently than with T-Mobile. However, if the SIM swap to another provider is successful, it seems that a fairly high bill tends to be made.

KrebsOnSecurity shared the collected data with T-Mobile, but T-Mobile neither confirmed nor denied the cybercrime allegations in the data, saying in a statement, 'This type of activity affects the wireless industry as a whole. We are constantly working to combat it, and we are doing everything we can to prevent unauthorized access, including stronger multi-factor authentication controls, stronger authentication environments, and restricted access to data, apps, and services. 'We have continued to drive improvements in our ability to protect, and we are also focused on collecting threat intelligence data, such as the one shared, to further strengthen these ongoing efforts.'

According to Alison Nixon, chief research officer at

Unit 221B , a New York-based cybersecurity firm, the group behind the SIM-swapping attack 'calls the provider, impersonates someone from the company's IT department, Induce the other party of the phone to a phishing site'. ``As a low-tech, low-probability threat, many in the security community disregard this attack,'' Nixon points out. In reality, there are people in charge of fluidly designing phishing sites so as not to be marked by security companies, and there are experts who steal credentials after leading them to phishing sites, and use stolen credentials to fraudulently exploit companies. ``Modern phishing has many moving parts, making it a low-tech threat,'' Nixon explains.

According to KrebsOnSecurity, despite T-Mobile's security exposure, T-Mobile's security team has been effective, with one cybercriminal group saying, 'T-Mobile's security team started monitoring their chats. Isn't it?' he said that he doubted. The following image shown by KrebsOnSecurity is a calendar for 2022 that shows the days when SIM swap warnings were confirmed in red, but you can see that the number of damages has decreased as the year progresses.

T-Mobile has not responded to questions about what it is doing to strengthen employee authentication, but Nicholas Nicholas, a researcher and lecturer at the International Computer Science Institute at the University of California, Berkeley, said: ``T-Mobile and all major wireless providers must require employees to use a physical security key as a second factor when logging into company resources,'' Weber said. I'm here. 'The biggest reason this problem has gotten out of hand is that these criminal groups are recruiting teenagers to do their dirty work, and children play a very important role,' Nixon said. Because even if minors are arrested for SIM swapping, they are quickly released due to legal protection and tend to repeat the same crimes,” he argues.