Great Moto G Stylus deal on Amazon!

T-Mobile suffers another system breach, this time at the hands of teen hackers

By
2comments
T-Mobile iOS Android
T-Mobile suffers another system breach, this time at the hands of teen hackers
Cyber-crime gang Lapsus$ which had successfully hacked NVIDIA, Samsung, and Microsoft, was able to get into T-Mobile's systems multiple times in March, per Krebs on Security.

LAPSUS$ was run by a bunch of teenagers apparently and its most active members are now behind the bars. Krebs on Security obtained a week's worth of private chats between key LAPSUS$ members, which gives a glimpse into their modus operandi.

LAPSUS$ was obsessed with obtaining source code from tech companies. The gang used to gain initial access to its targets by buying credentials from sites like Russian Market. The trickier part was gaining access to internal company tools. 

They relentlessly targeted T-Mobile employees and were able to breach the carrier's system multiple times last month, giving them access to source code for a range of projects. The rogue group briefly considered SIM swaps, which would have let them hijack someone else's number, which could have allowed them to conduct activities like password resets.


LAPSUS$ gained access to the internal customer accounts management tool Atlas on March 19 and explored high-profile T-Mobile accounts associated with the FBI and Department of Defense. They weren't able to go any further than that because those accounts required additional verifications before any changes could be made. 

The group leader, who is believed to be a 17-year-old from the U.K. and is referred to by nicknames "White," "WhiteDoxbin," and "Oklaqq," eventually terminated the VPN connection that let them access T-Mobile’s network. He then proceeded to gain access to the carrier's Slack and Bitbucket accounts.

Recommended Stories
He was also able to download over 30,000 source code repositories from T-Mobile. It looks like this is when their access was revoked, as, in the words of White, "Cloning 30k repos four times in 24 hours isn’t very normal."

LAPSUS$ may had intended to target high-profile T-Mobile accounts - T-Mobile suffers another system breach, this time at the hands of teen hackers
LAPSUS$ may had intended to target high-profile T-Mobile accounts
T-Mobile has confirmed the attacks but has assured that the hackers weren't able to steal any customer or government information.

Several weeks ago, our monitoring tools detected a bad actor using stolen credentials to access internal systems that house operational tools software. The systems accessed contained no customer or government information or other similarly sensitive information, and we have no evidence that the intruder was able to obtain anything of value. Our systems and processes worked as designed, the intrusion was rapidly shut down and closed off, and the compromised credentials used were rendered obsolete.

This is the seventh data breach T-Mobile has confirmed since 2018. A few days back, the carrier warned customers about unblockable phishing attacks.
https://m-cdn.phonearena.com/images/users/270-200/Anam.jpg
Anam Hamid Mobile Tech News and Deals Journalist
Anam Hamid is a computer scientist turned tech journalist who has a keen interest in the tech world, with a particular focus on smartphones and tablets. She has previously written for Android Headlines and has also been a ghostwriter for several tech and car publications. Anam is not a tech hoarder and believes in using her gadgets for as long as possible. She is concerned about smartphone addiction and its impact on future generations, but she also appreciates the convenience that phones have brought into our lives. Anam is excited about technological advancements like folding screens and under-display sensors, and she often wonders about the future of technology. She values the overall experience of a device more than its individual specs and admires companies that deliver durable, high-quality products. In her free time, Anam enjoys reading, scrolling through Reddit and Instagram, and occasionally refreshing her programming skills through tutorials.

Recommended Stories

Loading Comments...

Popular stories

T-Mobile is now going to dictate where you can use its 5G internet
T-Mobile is now going to dictate where you can use its 5G internet
Samsung's killer Galaxy Watch 6 Classic trade-in deal comes just in time for Mother's Day
Samsung's killer Galaxy Watch 6 Classic trade-in deal comes just in time for Mother's Day
Apple signals the imminent release of the iPad Air (2024) and iPad Pro (2024)
Apple signals the imminent release of the iPad Air (2024) and iPad Pro (2024)
Verizon customers need to be on red alert as a phishing campaign aims to steal their money
Verizon customers need to be on red alert as a phishing campaign aims to steal their money
Why in the world would I pay top dollar for the Galaxy S24 Ultra if it gets left behind by Samsung?
Why in the world would I pay top dollar for the Galaxy S24 Ultra if it gets left behind by Samsung?
The speedy iPad Mini 2021 is even sweeter than usual after a lovely discount on Amazon
The speedy iPad Mini 2021 is even sweeter than usual after a lovely discount on Amazon

Latest News

Grab the OnePlus Pad at its lowest price through this sweet deal
Grab the OnePlus Pad at its lowest price through this sweet deal
TikTok might shut down for real, as the owner apparently rejects selling the app
TikTok might shut down for real, as the owner apparently rejects selling the app
The small but capable Bose SoundLink Flex drops to its best price at Best Buy
The small but capable Bose SoundLink Flex drops to its best price at Best Buy
Patent shows the Galaxy Z Flip 7 may come with three cameras
Patent shows the Galaxy Z Flip 7 may come with three cameras
Is Apple going to take over your home with a Google-powered robot?
Is Apple going to take over your home with a Google-powered robot?
Introducing PhoneArena Battery Score: an easier way to learn about battery life on your phone
Introducing PhoneArena Battery Score: an easier way to learn about battery life on your phone
FCC OKs Cingular\'s purchase of AT&T Wireless