Connect with us

Science & Tech

Mysterious hacking group is quietly breaking into global telecommunications networks, research finds

Published

on

The group has been attempting to hack the global telecommunications sector using an in-depth knowledge of the architecture of the network and custom hacking tools.

A mysterious group of hackers has been quietly breaking into the computer networks of telecommunications companies on a global scale, according to new security research.

Buried deep inside mobile infrastructure across the globe the hackers are able to spy on anyone whose device is connecting to those networks, according to cyber security company Crowdstrike.

But little is known about the hackers other than what the experts have been able to directly observe – that it is highly sophisticated, has been active since 2016, develops its own custom hacking tools, and has extensive knowledge of the sector it is targeting.

The information that the hackers can glean from hacking these networks “aligns with information likely to be significant interest to signals intelligence organisations”, Crowdstrike said, but who the group is working for remains a mystery – though there are several clues.

A woman uses her phone to take a photo during a morning snow storm in the Manhattan borough of New York City, U.S., February 18, 2021. REUTERS/Brendan McDermid
Image:The hackers don’t need to hack phones as they can spy on users from inside the carriers. File pic: Reuters

Adam Meyers, who leads Crowdstrike’s threat intelligence team, noted the differences between the mysterious group’s hacking and recent stories about NSO Group’s spyware tools.Advertisement

The private business was accused of assisting despotic regimes to target the phones of politicians, journalists, political dissidents and human rights activists in reports earlier this year.

Mr Meyers explained: “The key take-away here is that these hackers don’t need to hack into your mobile device… the thing here that is so stunning is that they can do it from the carrier.”

“They don’t have to hack your phone, they hack the mobile providers across the globe,” he said.

So little is known about the group that it isn’t being tracked as a distinct entity in itself, but instead as an activity cluster of incidents called LightBasin in which the same kinds of companies have been hacked in the same kinds of ways.

But some clues have emerged, according to Crowdstrike, which found data was being sent to and from a remote server and the compromised networks encrypted with a password that they could read in the code of the hacking tools.

This password was a Chinese phrase – “wuxianpinggu507” – which the company translated as “wireless evaluation 507”, but Crowdstrike cautioned that the use of this phrase only indicated the developer of the tool had some knowledge of the Chinese language, it is not a basis to assert Beijing’s involvement.

The company has assessed that the LightBasin activity does appear to be operating in support of several groups that Crowdstrike has attributed with confidence to being sponsored by the Chinese government, but its standards for making attributions are high and there isn’t enough evidence to support a similar attribution for LightBasin.

Mr Meyers said: “It’s important for us to be responsible in how we talk about things like this. We don’t take this lightly when we say that there’s a global campaign targeting telecoms, and it has very specialised tools meant to take advantage of mobile infrastructure.

“We don’t want to throw things out there unless we have some degree of confidence,” he said.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Science & Tech

COVID-19: Facebook removes Chinese-backed network of fake accounts spreading coronavirus disinformation

Published

on

The false profiles, with links to Chinese-backed agencies, originated and spread false claims the US pressured scientists to blame China for COVID-19.

Facebook has removed hundreds of fake accounts linked to a campaign by China to spread unfounded claims about the pandemic.

The bogus profiles originated claims the US pressured scientists to blame China for COVID-19.

An investigation found these claims were amplified by employees of Chinese state-run companies, soon becoming the subject of domestic news headlines.

“In effect it worked like an online hall of mirrors, endlessly reflecting the original fake persona and its anti-US disinformation,” Ben Nimmo, who leads investigations into disinformation at Meta, the parent company of Facebook and Instagram, said.

The social media company said one of the accounts belonged to a fictitious Swiss biologist named Wilson Edwards.Advertisement

The Wuhan Institute of Virology that it is claimed COVID-19 may have escaped from
Image:The Wuhan Institute of Virology that it is claimed COVID-19 may have escaped from

In July, when the operation began, Mr Wilson’s profile claimed US officials were using “enormous pressure and even intimidation” to get scientists to back calls for renewed investigations into the origin of coronavirus.

Within hours, hundreds of other accounts – some only created only that day – began liking, reposting or linking to the post.

Many of the accounts were later found to be fake, with some of the users posing as westerners and others using likely fabricated profile photos.

Facebook said it found links between the accounts and a tech firm based in Chengdu, China, as well as to overseas employees of Chinese infrastructure companies.

Within a week of the initial post, large media outlets in China were reporting on the claims as if they had been made by a real scientist.

The operation was exposed when Swiss authorities announced in August that they had no record of any biologist with that name.

In all, Meta removed about 600 accounts on Facebook and Instagram that were linked to the network.

China’s Ministry of Foreign Affairs has said in the past that the country’s government does not employ trickery on social media.

Coronavirus emerged in Wuhan, China in December 2019 before spreading around the world.

Different governments, experts and organisations, including the US, have suggested the virus may have come from a lab leak in the city – a claim China vehemently denies.

That theory was dismissed by a team led by the World Health Organisation (WHO) that spent four weeks in and around Wuhan in January and February.

However, their report, released in March, was criticised for not finding sufficient evidence to discard the idea – and the WHO’s director-general has since said there had been a “premature push” to rule out the lab leak theory.

The US carried out their own investigation and came to the same conclusion.

Continue Reading

Science & Tech

Meta: UK competition regulator tells Facebook owner to sell GIF library Giphy

Published

on

The investigation into the acquisition has been acrimonious, with Meta previously being fined £50m by the CMA for deliberately refusing to comply with the regulator’s inquiries.

Facebook’s owner Meta has been issued a legally binding order to sell the GIF library Giphy after an investigation found the takeover “could harm social media users and UK advertisers”.

The Competition and Markets Authority (CMA) launched an in-depth investigation into the deal in April after raising a number of concerns. It subsequently warned of the potential forced sale in August.

Giphy – a website for making and sharing animated images, known as GIFs – was acquired by Facebook (now Meta) in May last year to integrate the GIFs with Instagram, but the CMA has now ordered the acquisition to be unravelled.

Sky News understands Facebook intends to appeal the CMA’s decision. It has four weeks to do so and the appeal would go to a the Competition Appeal Tribunal, which is independent of the CMA.

Meta could potentially challenge that ruling in the UK courts, but only on points of law.Advertisement

Facebook has rebranded to Meta
Image:Facebook’s parent company was renamed Meta last month

Stuart McIntosh, who chaired the independent inquiry into the acquisition, said: “The tie-up between Facebook and Giphy has already removed a potential challenger in the display advertising market.

“Without action, it will also allow Facebook to increase its significant market power in social media even further, through controlling competitors’ access to Giphy GIFs.

“By requiring Facebook to sell Giphy, we are protecting millions of social media users and promoting competition and innovation in digital advertising,” Mr McIntosh explained.

The investigation into the acquisition has seen points of acrimony, with Meta being fined a record £50m by the CMA for deliberately refusing to comply with the regulator’s inquiries.

Meta argued that it has been in compliance with the competition watchdog’s primary orders at all times.

At the time of the fine, the company complained that the CMA delayed for seven months a request to amend these orders which was eventually agreed in what the company described as nearly an identical manner to what had been requested.

When Facebook first merged with Giphy it terminated the image library’s advertising services, “removing an important source of potential competition” according to the CMA.

This was considered “particularly concerning given that Facebook controls nearly half of the £7 billion display advertising market in the UK”.

However in Meta’s response to the preliminary findings, the social media giant described the acquisition as a simple vertical merger and said that Giphy was financially troubled and suggested that its attempts to monetise its GIF library for display advertising were unsuccessful.

“If GIF paid alignments were the promising business model that the CMA believes they are, then one would expect to encounter them in the real-world at scale… Yet that is not the case,” the response stated.

According to the regulator, the acquisition potentially also enabled the social media giant to change the terms of access to the GIF library for its competitors.

“For example, Facebook could require Giphy customers, such as TikTok, Twitter and Snapchat, to provide more user data in order to access Giphy GIFs.

“Such actions could increase Facebook’s market power, which is already significant,” the regulator said.

In its review of the merger, the CMA said it risked entrenching Meta’s market dominance, noting that its platforms (Facebook, Instagram, and WhatsApp) already accounted for 73% of all user time spent on social media in the UK.

A spokesperson for Meta said: “We disagree with this decision. We are reviewing the decision and considering all options, including appeal. Both consumers and Giphy are better off with the support of our infrastructure, talent, and resources.

“Together, Meta and Giphy would enhance Giphy’s product for the millions of people, businesses, developers and API partners in the UK and around the world who use Giphy every day, providing more choices for everyone.”

Continue Reading

Health

COVID-19: Mild and moderate cases during pregnancy doesn’t harm babies’ brains, finds study

Published

on

Parents should be reassured, there is “no evidence that a maternal SARS-CoV-2 infection has any effect on the brain development of the unborn child” say scientists.

Mild and moderate coronavirus infections in pregnant women appear to have no effect on the brain of the developing foetus according to a new study.

Two years into the COVID-19 pandemic “there is evidence that pregnant women are more vulnerable” to the coronavirus, according to a study presented to the Radiological Society of North America (RSNA).

The new study aims to identify what the possible consequences are for the unborn child if the mother is infected during pregnancy, and to study the likelihood of the virus being passed on to the foetus.

“Women infected with SARS-CoV-2 during pregnancy are concerned that the virus may affect the development of their unborn child, as is the case with some other viral infections,” said Dr Sophia Stoecklein, senior author of the study.Advertisement

“So far, although there are a few reports of vertical transmission to the foetus, the exact risk and impact remain largely unclear,” added Dr Stoecklein, from the department of radiology at Ludwig Maximilian University of Munich.

“The aim of our study was to fill this gap in knowledge regarding the impact of a maternal SARS-CoV-2 infection on foetal brain development,” she added.

MRI scans were used to study 33 pregnant women who were infected with COVID-19 during their pregnancy, with the women roughly 28 weeks into the pregnancies at the time of the scan.

The scans were evaluated by radiologists with years of experience in foetal MRIs who found that the brain development in the assessed areas was age-appropriate in all of the children, with no findings indicating any infection affected the brains.

“In our study, there was no evidence that a maternal SARS-CoV-2 infection has any effect on the brain development of the unborn child,” Dr Stoecklein said. “This fact should help to reassure affected parents.”

But she cautioned that only mothers with mild to moderate symptoms who were not hospitalised were included in the study, meaning the impact of “severe infection on brain development in the foetus has not been conclusively determined”.

Continue Reading

Trending Now