An elite Chinese hacking group which broke into telecommunications companies was able to access the entire network’s text messages and search them for intelligence material, according to a new report.
The state-sponsored campaign involved the hackers, known as APT41, deploying malware on companies’ SMS servers which handle text messages.
This malware scanned through the servers searching for messages connected to specific phone numbers and IMSI (international mobile subscriber identity) numbers which uniquely identify network users. According to the cyber security firm FireEye which uncovered the campaign, the targeted phone numbers and IMSI numbers belonged to foreign high-ranking individuals of interest to the Chinese government.
When the malware detected a message to or from one of these targets it then saved a secret copy of the message on the network’s systems which the hackers would later steal.
The malware also contained a keywords list covering issues of geopolitical interest for Chinese intelligence collection, including the names of political leaders, military and intelligence organisations and political movements at odds with Beijing.
The UK’s National Cyber Security Centre has found no evidence that British networks are affected.
Full article - https://news.sky.com/story/chinese-hackers-accessed-text-messages-cyber-security-firm-says-11850176