
Researchers Find SMS Monitoring Malware in Linux Telecom Servers

Silviu STAHIE

November 01, 2019


A state-sponsored tool most likely used by Chinese advanced persistent threat group APT41 was discovered inside the Linux servers of an undisclosed telecom company, surveilling incoming and outgoing SMS messages.

FireEye Mandiant recently identified a new malware family called MESSAGETAP, which was already deployed in the telecom company's infrastructure. The term “advanced persistent threat group” is usually reserved for hacking groups employed or used by state actors.

The researchers said the tool deployed by APT41 supported Chinese espionage efforts, but the group has financial motives as well. It's unclear how long the malware was operating before it was found, but a 2019 investigation revealed it in a cluster of Linux servers.

“Specifically, these Linux servers operated as Short Message Service Center (SMSC) servers. In mobile networks, SMSCs are responsible for routing Short Message Service (SMS) messages to an intended recipient or storing them until the recipient has come online,” said the researchers. “The malware parses and extracts SMS message data from the network traffic, which includes the SMS message contents, the IMSI number, and the source and destination phone numbers.”

The attackers' identification of both phone and IMSI numbers shows they were singling out known individuals. The official report also details the targets: “Sanitized examples include the names of political leaders, military and intelligence organizations and political movements at odds with the Chinese government.”

MESSAGETAP is a perfect example of how messages can be intercepted in other layers generally considered safe. It also unveils the scope of the state actor's purview and what they are capable of achieving.
