Tag Archive for: cellular

Hackers Breach U.S. Cellular Customer Database After Scamming Employees

/in


U.S. Cellular, the fourth-largest wireless carrier in America, has suffered a data breach. Hackers reportedly gained access to protected systems by installing malware on a computer at a U.S. Cellular retail store.

According to the breach notification filed with the Office of the Vermont Attorney General the attack began on the 4th of January. Hackers targeted a handful of U.S. Cellular store employees who had access to its customer relationship management (or CRM) software.

The notification doesn’t offer a lot of specifics about the attack itself. It notes only that those employees fell victim to a scam of some sort.

In incidents like this one, hackers will often contact employees and pretend to be IT support staff or outside contractors providing technology services. If they’re convincing enough, the victims are all too willing to grant remote access.

Once connected the attacker can implant malware that sets up the next phase of the attack. Since the U.S. Cellular staff were logged in to its CRM software at the time of the attack, the hackers immediately went to work collecting customer data.

Their activity was detected on January 6th — just two short days later. Unfortunately some U.S. Cellular customers had already been impacted.

The hackers were able to access customer names and addresses, cellular phone numbers, plan information and access PINs used when making changes to service. In some cases the attackers used that information to port customers’ phone numbers to other cellular carriers.

This can be very bad news for consumers. A ported phone number can allow a hacker to break into sensitive accounts if they’re protected by SMS-based two-factor authentication.

Porting can provide fodder for blackmail schemes and access to private photos and other data. A stolen phone number also gives a cybercriminal a convincing starting point for launching further attacks against a victim’s close contacts.

Impact of the attack was limited because the infected computer was quickly isolated before further harm could be done. U.S. Cellular has reset the affected customer PINs,…

Source…

Mobile Security | AT&T

/in

Beware of all-powerful DDoS malware infecting cellular gateways, feds warn

/in

Enlarge / One of the Sierra Wireless devices that can be infected by Mirai. (credit: Sierra Wireless)

This week, the US government-backed ICS-CERT warned that the troubling new generation of computer attacks is powered by malware that can infect cellular modems used to connect automotive and industrial equipment to the Internet.

An advisory published Wednesday listed five industrial control devices manufactured by Sierra Wireless that are vulnerable to malware known as Mirai when default passwords that ship with the equipment aren’t changed on the gateways. The advisory referenced a separate notice from Sierra Wireless (PDF) that reported infections have succeeded against actual devices by connecting to the ACEmanager, a graphical interface used to remotely administer and configure them.

The Sierra Wireless post stated:

Read 7 remaining paragraphs | Comments

Technology Lab – Ars Technica

Ransomware Was the Largest Threat to UK Android Devices in 2015 – Cellular News

/in

Ransomware Was the Largest Threat to UK Android Devices in 2015
Cellular News
Predominantly distributed through malicious apps, Android.Trojan.Slocker accounted for 22 per cent of Android malware threats in the UK in the latter half of the year. In total, Android ransomware accounted for 28 per cent of reported Android malware

\\”android+ransomware\\” – read more