These hackers dodge Windows and target Linux as they look to steal phone data

A stealthy hacking group is infiltrating telecommunications companies around the world in a campaign which researchers have linked to intelligence gathering and cyber espionage. 

The campaign, which has been active since at least 2016, has been detailed by cybersecurity researchers at CrowdStrike, who’ve attributed the activity to a group they call LightBasin – also known as UNC1945.  

It’s believed that since 2019, the offensive hacking group has compromised at least 13 telecommunication companies with the aim of stealing specific information about mobile communications infrastructure, including subscriber information and call metadata – and in some cases, direct information about what data smartphone users are sending and receiving via their device. 

“The nature of the data targeted by the LightBasin aligns with information likely to be of significant interest to signals intelligence organisations. Their key motives are likely a combination of surveillance, intelligence, and counterintelligence collection,” Adam Meyers, SVP of Intelligence at CrowdStrike, told ZDNet.

“There is significant intelligence value to any state-sponsored adversary that’s likely contained within telecommunications companies,” he added. 

The exact origins of LightBasin aren’t disclosed, but researchers suggest that the author of tools used in attacks has knowledge of the Chinese language – although they don’t go as far to suggest

Read More: https://www.zdnet.com/article/these-hackers-dodge-windows-and-target-linux-as-they-look-to-steal-phone-data/#ftag=RSSbaffb68