Other information in the announcements includes the price for a single SIM-swap request, and the handle of the person who takes the payment and information about the targeted subscriber. At a minimum, every SIM-swapping opportunity is announced with a brief “ Tmobile up!” or “ Tmo up!” message to channel participants. KrebsOnSecurity is not naming those channels or groups here because they will simply migrate to more private servers if exposed publicly, and for now those servers remain a useful source of intelligence about their activities.Įach advertises their claimed access to T-Mobile systems in a similar way. This means that stealing someone’s phone number often can let cybercriminals hijack the target’s entire digital life in short order - including access to any financial, email and social media accounts tied to that phone number.Īll three SIM-swapping entities that were tracked for this story remain active in 2023, and they all conduct business in open channels on the instant messaging platform Telegram. The conclusions above are based on an extensive analysis of Telegram chat logs from three distinct cybercrime groups or actors that have been identified by security researchers as particularly active in and effective at “ SIM-swapping,” which involves temporarily seizing control over a target’s mobile phone number.Ĭountless websites and online services use SMS text messages for both password resets and multi-factor authentication. In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device. Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |