1. Home
  2. /Latest
  3. /$ Lapsus hackers hacked T-Mobile systems and stole its source code

$ Lapsus hackers hacked T-Mobile systems and stole its source code

Latest / April 23, 2022 / DRPhillF / 0

Hacking group $Lapsus stole T-Mobile’s source code in a series of breaches that occurred in March, as first reported by Crepes on security. T-Mobile confirmed the attack in a statement the edgeIt says that “the systems accessed do not contain customer, government, or other similar sensitive information.”

In copies of private messages obtained by Krebs, hacking group Lapsus$ discussed targeting T-Mobile the week prior to the arrest of seven of its teenage members. After purchasing employee credentials online, members can use the company’s internal tools — such as Atlas, T-Mobile’s customer management system — to perform SIM exchanges. This type of attack involves hijacking the target’s mobile phone by transmitting their number to a device owned by the attacker. From there, the attacker could obtain text messages or calls received by that person’s phone number, including any messages sent for multi-factor authentication.

According to the screenshots released by Krebs, the $ Lapsus hacker also attempted to hack the T-Mobile accounts of the FBI and the Department of Defense. They were ultimately unable to do so, as additional verification measures were required.

T-Mobile said in a statement emailed to the edge. “Our systems and processes worked as designed, intrusions were quickly shut down and shut down, and the compromised credentials used were out of date.”

T-Mobile has been the victim of several attacks over the years. Although this particular hack did not affect customer data, previous incidents did. In August 2021, it exposed a breach of personal information belonging to more than 47 million customers, while another attack occurred just months later that compromised a “small number” of customer accounts.

$Lapsus has made a name for itself as a hacking group that primarily targets the source code of big tech companies, such as Microsoft, Samsung, and Nvidia. The group, which is said to be led by a teenage mastermind, also targeted Ubisoft, partner Apple Health Globant, and authentication firm Okta.

DRPhillF

Related posts

Latest posts

Leave a Comment

Leave a Reply

Your email address will not be published.

Search

Contact us