Apple and Meta gave information about some of their users, such as home address, phone number, and IP address, to cybercriminals posing as public officialsaccording to sources with knowledge of the investigation consulted by Bloomberg. One of the suspects is the teenager who would currently lead Lapsus$, which has been on everyone’s lips after the attacks on Microsoft, Samsung or Nvidia, although at that time he was part of another group of hackers.
Technology companies often receive different types of legal requests for information from certain customers. In the United States, conventional applications need a judge’s signature to be valid, but emergency applications, which are intended to be used in cases of imminent danger, are exempt from this requirement. Cybercriminals from a group known as the “Recursion Team” are believed to have forged several applications throughout 2021.
How they did the attack and why
To impersonate public officials, hackers compromised the security of email servers of law enforcement entities in various countries. This allowed them to send legal requests for information that seemed legitimate, since they referred to email addresses registered as valid by the companies to which they were addressed. In some cases, they also used orders with forged official signatures.
In the case of Apple, legal requests are channeled through email. company guidelines they say that it is taken into account that these “are transmitted from the official email address of the requesting agency”. Likewise, in some cases they can also contact the officials to confirm the validity of the petitions. Goal, meanwhile, details that reviews all data requests to verify their legality and uses systems to validate requests and detect abuse.
The information stolen by cybercriminals can be used to carry out different attacks. The most obvious, according to the researchers, is that of financial fraud. Knowing certain information about victims, attackers can use it to try to bypass the security of their accounts. If data is missing, they can also resort to social engineering techniques in which they impersonate other organizations to trick victims into following more information and stealing money.
Contrary to what one might think, the researchers believe that some of the “Recursion Team” hackers are US and UK teenagers. One of them would be the 17-year-old who would later become the leader of Lapsus$, a group known for attacking large technology companies. It should be noted that the London Police arrested and then released seven young people for the investigation to find the members of this latest group of hackers.
Image | Unsplash
Source: Xataka by www.xataka.com.
*The article has been translated based on the content of Xataka by www.xataka.com. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!