Last week, news came to light that AT&T had been pwned and literally every customer had been affected. Now there’s even worse news:
US telecom giant AT&T, which disclosed Friday that hackers had stolen the call records for tens of millions of its customers, paid a member of the hacking team more than $300,000 to delete the data and provide a video demonstrating proof of deletion.
The hacker, who is part of the notorious ShinyHunters hacking group that has stolen data from a number of victims through unsecured Snowflake cloud storage accounts, tells WIRED that AT&T paid the ransom in May. He provided the address for the cryptocurrency wallet that sent the currency to him, as well as the address that received it. WIRED confirmed, through an online blockchain tracking tool, that a payment transaction occurred on May 17 in the amount of 5.7 bitcoin. Chris Janczewski, head of global investigations for crypto-tracing firm TRM Labs, also confirmed using the company’s own tracking tool that a transaction occurred in the amount of about 5.72 bitcon (the equivalent of $373,646 at the time of the transaction), and that the money was then laundered through several cryptocurrency exchanges and wallets, but said there was no indication of who controlled the wallets.
A security researcher who asked to be identified only by his online handle, Reddington, also confirmed that a payment occurred. The hacker enlisted him to serve as the go-between for their negotiation with AT&T, and Reddington received a fee from AT&T for serving in that capacity. Reddington provided WIRED with proof of the fee payment. The hacker initially demanded $1 million from AT&T but ultimately agreed to a third of that.
WIRED viewed the video that the hacker says he provided to AT&T as proof to the telecom that he had deleted its stolen data from his computer. AT&T did not respond to WIRED’s request for comment.
I’ve been very clear that paying a ransom is something that you should never, ever do as it only encourages more of this behaviour from threat actors. This news really sucks for someone like me as I want these sorts of attacks by threat actors to end.
Pity.
Like this:
Like Loading...
Related
This entry was posted on July 15, 2024 at 9:08 am and is filed under Commentary with tags AT&T, Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
AT&T Paid A Ransom After Getting Pwned
Last week, news came to light that AT&T had been pwned and literally every customer had been affected. Now there’s even worse news:
US telecom giant AT&T, which disclosed Friday that hackers had stolen the call records for tens of millions of its customers, paid a member of the hacking team more than $300,000 to delete the data and provide a video demonstrating proof of deletion.
The hacker, who is part of the notorious ShinyHunters hacking group that has stolen data from a number of victims through unsecured Snowflake cloud storage accounts, tells WIRED that AT&T paid the ransom in May. He provided the address for the cryptocurrency wallet that sent the currency to him, as well as the address that received it. WIRED confirmed, through an online blockchain tracking tool, that a payment transaction occurred on May 17 in the amount of 5.7 bitcoin. Chris Janczewski, head of global investigations for crypto-tracing firm TRM Labs, also confirmed using the company’s own tracking tool that a transaction occurred in the amount of about 5.72 bitcon (the equivalent of $373,646 at the time of the transaction), and that the money was then laundered through several cryptocurrency exchanges and wallets, but said there was no indication of who controlled the wallets.
A security researcher who asked to be identified only by his online handle, Reddington, also confirmed that a payment occurred. The hacker enlisted him to serve as the go-between for their negotiation with AT&T, and Reddington received a fee from AT&T for serving in that capacity. Reddington provided WIRED with proof of the fee payment. The hacker initially demanded $1 million from AT&T but ultimately agreed to a third of that.
WIRED viewed the video that the hacker says he provided to AT&T as proof to the telecom that he had deleted its stolen data from his computer. AT&T did not respond to WIRED’s request for comment.
I’ve been very clear that paying a ransom is something that you should never, ever do as it only encourages more of this behaviour from threat actors. This news really sucks for someone like me as I want these sorts of attacks by threat actors to end.
Pity.
Share this:
Like this:
Related
This entry was posted on July 15, 2024 at 9:08 am and is filed under Commentary with tags AT&T, Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.