Cybereason, a security research firm, just announced that they’ve uncovered a call espionage scheme that has been going on for the last 7 years. The scheme, which is being called ‘Operation Softcell’, involved unknown hackers breaking into 10+ cell phone provider networks in order to steal call detail records (CDRs). So far, it seems the group has been targeting specific individuals of interest, possibly Government officials.
What Information Did They Get?
The hackers were able to get the call records of at least 20 individuals, who will remain unnamed. The information obtained includes the physical cell phone location, and the dates and times calls were made. Even though they were not able to obtain call recordings or messages, call details could help the hackers learn more about their targets’ lives.
How Did They Accomplish This?
Cybereason also uncovered how the hacker group was able to access these cell phone providers (or at least one of them). They accomplished this by accessing the provider’s internet-connected server and network by exploiting a vulnerability in it. Then, they stole official credentials to gain further access to the entire network. Once they did this, they compressed many gigabytes worth of call records for downloading.
The hackers were smart enough to cover their tracks in and out of the provider networks by using a secure VPN connection. So, they could go into the network whenever they wanted without being detected. Plus, they mapped each provider’s network, so they could understand it and improve their espionage efforts.
Based on Cybereason’s findings, it was discovered that the techniques used were similar to those used by APT10. They were a Chinese hacking group that was found to have stolen data from IBM, NASA, and other large U.S. technology companies. However, there’s no evidence at this time pointing to APT10 as being behind these provider hacking incidents.
What Providers Have Been Targeted?
Currently, 10+ cell phone providers were hacked, the names of which are not being revealed. However, Cybereason did disclose that those targeted were large providers located in Europe, the Middle East, Africa, and Asia (not North America).
Could Someone Spy On Your Phone Call Records?
Now, ‘Operation Softcell’ is clearly not targeting all cell phone users, just certain high-ranking officials. So, you don’t have to worry about them compromising your phone. However, there are ways someone could spy on your calls without you knowing. One of those ways is by using a spy app. By just gaining access to your phone for a minute, someone could install this undetectable software to your device. Then, they can just view your call details remotely (call time & date, and what number called). However, just like with ‘Operation Softcell’, this app technology cannot record phone calls.
Even though hacker groups don’t usually target the general public, doesn’t mean your phone can’t be a target . So, to protect yourself, make sure to know where your phone is at all times, be careful what Wi-Fi you connect to, and do a regular check-up of your device.
Recent Article: Apple’s Kids Category Bans Ads and Third-Party Tracking