"Massive scale" intrusion into mobile carriers' networks exposed customers' location, call data for years

Originally published at: https://boingboing.net/2019/06/25/apt10.html



step 1: Demand backdoors and retention of private information for Law Enforcement
step 2: Wait for foreign state actor to access the backdoor
step 3: Make a big fuss about CyberWar
step 4: Rake in Law Enforcement Bucks
step 5: Distribute Law Enforcement Bucks to security contractors
step 6: Demand a cut of the Security Bucks back in exchange for continuing the grift
step 7: (well, and 3a, 4b, 5a, 6c…) Profit! Rinse, Repeat, etc, etc…
step Ooops! we forgot about a peaceful and prosperous society for all, sorry (not sorry)


Why wait for the door to be cracked when you could make even more money selling the crack?

“Foreign” state actor…


Welp, it wouldn’t be the first time an American intelligence agency sold crack for “law enforcement” purposes…


What the cell…? Telcos around the world were so severely pwned, they didn’t notice the hackers setting up VPN points

1 Like

Meanwhile, intelligence agencies from the affected countries were too busy worrying about their own backdoors to secure these networks against nominal adversaries.


I get that they don’t want to identify the targeted individuals, but it would be nice to know what kinds of people are being targeted to better understand precisely what these people are looking for. Maybe I missed it, or maybe someone who knows more about this story could enlighten me.

Everything we built is garbage.

Cybereason […] confirmed that they were not based in North America.

No need to hack US telcos when you can just pretend you’re a bounty hunter, and buy the information from them direct.


This topic was automatically closed after 5 days. New replies are no longer allowed.