Tag Archive for: Admits

Former ADT technician admits to hacking into customer’s accounts to watch real-time video feeds in homes

/in


DALLAS, Texas — A former security technician faces up to five years in prison after admitting to authorities that he repeatedly hacked into home video camera feeds.

Telesforo Aviles, 35, pleaded guilty Thursday in federal court to charges of computer fraud, according to the U.S. Attorney’s Office for the Northern District of Texas.

Aviles worked for ADT security and accessed around 200 customer accounts more than 9,600 times, the FBI said.

“Mr. Aviles admits that contrary to company policy, he routinely added his personal email address to customers’ “ADT Pulse” accounts, giving himself real-time access to the video feeds from their homes,” U.S. Attorney spokesperson Erin Dooley said in a statement. “In some instances, he claimed he needed to add himself temporarily in order to “test” the system; in other instances, he added himself without their knowledge.”

The incidents took place over a period of four and a half years.

ADT officials told the Dallas Morning News that the affected customers were alerted to the intrusions and that the company “deeply regrets” the incidents.

“This defendant, entrusted with safeguarding customers’ homes, instead intruded on their most intimate moments,” said Acting U.S. Attorney Prerak Shah in a statement. “We are glad to hold him accountable for this disgusting betrayal of trust.”

“Mr. Aviles took note of which homes had attractive women, then repeatedly logged into these customers’ accounts in order to view their footage for sexual gratification,” authorities said. “Plea papers indicate he watched numerous videos of naked women and couples engaging in sexual activity inside their homes.”

Authorities said the case is a reminder for people to practice ‘cyber hygiene by reviewing authorized users and routinely changing passwords.

If you believe you’ve become a victim of cybercrime, you can contact the FBI’s Internet Crime Complaint Center at 1-800-225-5324.

Source…

Vodafone’s ho. Mobile admits data breach, 2.5m users impacted

/in


Vodafone Group’s low-cost operator ho. Mobile announced that hackers stole part of its customer database thus obtaining personal user information and SIM technical data.

The stolen database, offered for sale on dark web forums since December 22, has been partially verified and includes sufficient details to carry out SIM-swap attacks, putting at risk about 2.5 million subscribers.

Free SIM card replacement

News of the database being peddled on a hacker forum emerged on December 28 from researcher Bank Security. An initial statement from the mobile operator informed that it had no evidence of illegal access to its systems.

This changed on Monday when the company confirmed the massive breach saying that personal data and SIM-related information had been stolen.

The operator says that the hackers got customers’ name, surname, phone number, email, date and place of birth, nationality, and address. They also have the SIM Integrated Circuit Card Identification Number (ICCID) – a unique number providing the card’s country, home network, and identification.

Combined, these details can be used for SIM-swapping attacks that enable hackers to assign a victim’s phone number to a SIM card in their possession and thus receive the target’s calls and text messages.

Bank Security provides a list of the details present in the database stolen by hackers:

At least one actor may have purchased the database, while several others showed interest.

In a comment on the hacker forum, one user says that the seller asked for $50,000 for the entire database. Even if not sold in bulk, the seller could break it into smaller sets to obtain a profit.

Using the sample data from the seller, several researchers were able to confirm that the database was real by contacting victims.

The mobile operator is now trying to minimize the impact of the breach on customers and is offering them a new SIM card free of charge.

With the risk of a swap still looming, the SIM replacement process requires…

Source…

Microsoft admits hackers were able to see some of its source code

/in


Microsoft now says suspected Russian hackers behind a massive campaign that impacted government agencies, local municipalities and companies were also able to view some of the company’s source code.

In a blog post Thursday, Microsoft says the unauthorized access “has not put at risk the security of our services or any customer data.”

“We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories,” Microsoft stated. “The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made. These accounts were investigated and remediated.”

Source code is the basic building blocks of computer programs, like the instructions.

Last month, as news of the hacking campaign surfaced, Microsoft acknowledged using the IT management software SolarWinds Orion, which is how the attackers gained access to thousands of government, public, and private organizations.

Microsoft has said in earlier blog posts they were aware of clients they serviced who were compromised, Thursday’s update is the first time the company has confirmed the attackers compromised them.

Microsoft says they operate with a philosophy of making source code viewable, and do not rely on secrecy of this code for security. “So viewing source code isn’t tied to elevation of risk,” they stated.

Source…