Chinese government-backed cybercriminal gangs hacked five telecommunications firms spread across the globe. From 2017 to 2021, they managed to steal victims’ location data and phone records.
Group-3390 and Naikon Behind the Heist
The gangs exploited vulnerabilities in Microsoft Exchange servers to get into the systems. Apparently, this had been happening for months before the American multinational went public with its allegations.
China has so far denied the allegations.
According to Lior Div, Cybereason Inc’s Chief Executive Officer, the hackers managed to take complete control of the networks. Their main aim was to access the private information of political activists, government officials, law enforcement agencies, and Chinese government rivals.
Div termed the seizure “the holy grail of hacks.”
He refused to name the specific telecom establishments and victim countries. He disclosed, however, that the intrusion mainly affected some countries that had clashed with China in the past.
Adverse Effects on National Security
Cybereason warned that the state-sponsored criminal activity would affect not only the telcos’ customer base but also the countries in the region, because it poses a great threat to their national security.
Dominic Raab, the United Kingdom Foreign Secretary, weighed in on the matter. He said that China must face dire consequences for its actions.
Cyber experts on the case described the hackers as very experienced and adaptive. According to the cybersecurity firm, they easily evaded detection.
Findings showed that one of the groups hid behind antivirus software. Another concealed its malicious activity in users’ recycle bins. There was also one that acted as a keylogger to spy on what users were typing on their devices. For that, it used PotPlayer, a popular multimedia player from South Korea.
Fortunately, there are lots of reliable antivirus solutions on the market to keep hackers at bay.