Thursday , October 10 2024
tower

Hacker Claim to compromise over 15 Asian telecom

A large dataset belonging to BSNL, an Indian state-owned telecommunications company, has been put up for sale by cybercriminals on an underground forum.

On May 27, 2024, it was discovered that “kiberphant0m” was selling unauthorized access to databases stolen from BSNL, as well as data from other Asian telecom companies reports thecyberexpress.

Palo Alto Networks issues fix for security flaws, Including CVE-2024-9463

Palo Alto Networks released a security advisory (PAN-SA-2024-0010) about several high-severity vulnerabilities in its Expedition migration tool, with CVSS scores...
Read More
Palo Alto Networks issues fix for security flaws, Including CVE-2024-9463

Microsoft October 2024 Patch: 5 Zero-Days, 118 flaw

In its recent Patch Tuesday release, Microsoft fixed 118 vulnerabilities, including five zero-day flaws, two of which are currently being...
Read More
Microsoft October 2024 Patch: 5 Zero-Days, 118 flaw

BD CIRT alert
Lumma C2 malware attack Bangladeshi several websites

The Cyber Threat Intelligence (CTI) Unit at BGD e-GOV CIRT has discovered a malware campaign involving the Lumma Stealer family....
Read More
BD CIRT alert  Lumma C2 malware attack Bangladeshi several websites

Qualcomm Patched Multi Flaws, Including 0-day

Qualcomm's October 2024 Security Bulletin reveals critical vulnerabilities in several chipsets, including the popular Snapdragon mobile platforms and FastConnect solutions....
Read More
Qualcomm Patched Multi Flaws, Including 0-day

BD CIRT announce “Cyber Drill 2024”: Registration open

BGD e-GOV CIRT is excited to announce the Financial Institutions and Critical Information Infrastructure (CII) Cyber Drill 2024, designed for...
Read More
BD CIRT announce “Cyber Drill 2024”: Registration open

First Half Of 2024 Report
Bangladeshi 32.4% government websites face cyber attack: NAS report

National Attack Surface (NAS) report for the first half of 2024 reveals that 56.6% of cyberattacks in Bangladesh targeted educational...
Read More
First Half Of 2024 Report  Bangladeshi 32.4% government websites face cyber attack: NAS report

Prince Ransomware Hits UK and US

A new ransomware campaign is targeting individuals and organizations in the UK and US. The "Prince Ransomware" attack uses a...
Read More
Prince Ransomware Hits UK and US

CISA warns active exploit of Zimbra & Ivanti endpoint manager Vulns

CISA has issued an urgent alert about critical vulnerabilities being exploited in Synacor’s Zimbra Collaboration and Ivanti’s Endpoint Manager (EPM)....
Read More
CISA warns active exploit of Zimbra & Ivanti endpoint manager Vulns

A summary of “2024 State of Cybersecurity survey” by ISACA

ISACA 2024 survey report reveals that 66% of cybersecurity professionals find their jobs more stressful now than five years ago....
Read More
A summary of “2024 State of Cybersecurity survey” by ISACA

ISACA reveals
64% of Australian cybersecurity professionals feel increasing stress

A recent study by ISACA shows that almost two-thirds of cybersecurity professionals report increasing job stress. The 2024 State of...
Read More
ISACA reveals  64% of Australian cybersecurity professionals feel increasing stress

According to the threat actor known as kiberphant0m, the leaked data contains sensitive information like IMSI, SIM details, HLR (Home Location Register), DP Card Data, Masterkeys, and more.

Details of the Allegedly Compromised Data:
The attacker claims to possess a comprehensive collection of BSNL data, including:

IMSI (International Mobile Subscriber Identity)
SIM details
HLR (Home Location Register) information
Machine Copy Data
DP Card Data (8GB)
DP Security Key Data (130GB)
Masterkeys
SOLARIS server snapshot (140GB)
Main database (3.5GB)

The leaked dataset supposedly has important information about BSNL’s operations and customer records. Some of the fields in the main database structure are SIM, IMSI, PIN1, PUK1, PIN2, PUK2, ADM, AUTH, KDBID, ALGOID, ACSUB, AMF, and MAKE dailydarkweb reports reads.

The alleged breach involves a person who is selling the data on Telegram for a negotiable price ranging from $80,000 to $150,000. They have also mentioned that they are willing to sell this data to anyone, including state actors, if the Indian government does not take immediate action to acquire and protect the compromised information.

   Source: Dailydarkweb

BSNL has yet to issue an official statement or response regarding the breach, leaving the claims unverified. The threat actor said to an international media that, “This is not the same data as the previous telecom post! we have breached over 15 Asian telecoms! Information is worth several million dollars but I’m selling for pretty cheap. Negotiate a deal on telegram. State Threat Actors are also welcome to buy this data, I will sell to anyone who wants it.”

Additionally, CloudSEK’s XVigil platform reported in middle of May that a threat actor named “303” who posted an ad on BreachForums offering access to a shell account on a Telecom Argentina server. This type of access gives the user a lot of control over the server, which could be used for stealing data, installing malware, or causing disruptions.

The ad also said the hacker has 121GB of data on the server. Although the type of data is not specified, the large amount suggests it could include important customer info, financial records, or internal company documents.

(Media Disclaimer: This report is based on research conducted internally and externally using different ways. The information provided is for reference only, and users are responsible for relying on it. Infosecbulletin is not liable for the accuracy or consequences of using this information by any means)

Check Also

Man

A summary of “2024 State of Cybersecurity survey” by ISACA

ISACA 2024 survey report reveals that 66% of cybersecurity professionals find their jobs more stressful …

Leave a Reply

Your email address will not be published. Required fields are marked *