Thursday, March 28

Apple and Meta gave some user data to cybercriminals posing as public officials, according to Bloomberg


Apple and Meta gave information about some of their users, such as home address, phone number, and IP address, to cybercriminals posing as public officials, according to sources with knowledge of the investigation consulted by Bloomberg. One of the suspects is the teenager who currently leads Lapsus$, the group that has been on everyone’s lips after the attacks on Microsoft, Samsung and Nvidia, although at that time he was part of another group of hackers.

Technology companies often receive different types of legal requests for information about certain customers. In the United States, conventional requests need a judge’s signature to be valid, but emergency requests, which are intended to be used in cases of imminent danger, are exempt from this requirement. Cybercriminals from a group known as the “Recursion Team” are believed to have forged several such requests during 2021.

How they carried out the attack and why

To impersonate public officials, the hackers compromised the email servers of law enforcement entities in various countries. This allowed them to send legal requests for information that seemed legitimate, since they were sent from email addresses that the recipient technology companies had registered as valid. In some cases, they also used orders bearing forged signatures of authorities.

In the case of Apple, legal requests are channeled through email. The company’s guidelines say that one factor it takes into account is that requests “be transmitted from the official email address of the requesting agency.” The guidelines also state that, in some cases, the company can contact the officials to confirm the validity of the requests. Meta, for its part, says that it reviews all data requests to verify their legality and uses systems to validate requests and detect abuse.

The information stolen by the cybercriminals can be used to carry out different attacks. The most obvious, according to the researchers, is financial fraud. Knowing certain information about victims, attackers can use it to try to bypass the security of their accounts. If data is missing, they can also resort to social engineering techniques in which they impersonate other organizations to trick victims into handing over more information and to steal money.

Lapsus$: the group of cybercriminals behind the hacks of Nvidia, Samsung and MercadoLibre

Contrary to what one might think, the researchers believe that some of the “Recursion Team” hackers are US and UK teenagers. One of them is believed to be the 17-year-old who later became the leader of Lapsus$, known for attacking large technology companies. It should be noted that the London Metropolitan Police arrested and then released seven young people as part of the investigation to find the members of the latter group of hackers.
