Hackers are now getting telecom employees to run software that lets the hackers directly reach into the internal systems of U.S. telecom companies to take over customer cell phone numbers
This is the alarming claim made by Joseph Cox, writing for Vice.
Multiple sources in and familiar with the SIM swapping community as well as screenshots shared with Motherboard suggest at least AT&T, T-Mobile, and Sprint have been impacted.
We are all familiar with the concept of customers being tricked by hackers into installing Remote Desktop Protocol (RDP) software on their computers, effectively handing unlimited access and control to criminals. Cox writes that telco employees are also falling for the same trick at work. Hackers obtain access to the telco’s systems and then reportedly use them to take over the phone accounts of the telco’s customers.
Little information was presented by Cox, ostensibly because he was dealing with criminals and did not want others to copy their techniques, but also because he appears to be relying upon the word of a single self-described SIM swapper and an ‘independent security researcher’ who seemingly showed photos of computers running software used inside telcos. However, representatives of AT&T and Sprint gave credibility to the Cox’s claims by saying they were ‘aware’ of this method being used by hackers who seek to execute SIM swaps.
You can read the Vice article here.