Operation Soft Cell - a worldwide operation against telecommunications providers
Operation Soft Cell: A Worldwide Campaign Against Telecommunications Providers
June 25, 2019
17 min read
Written by: Cybereason Nocturnus
Research by: Mor Levi, Assaf Dahan, and Amit Serper
EXECUTIVE SUMMARY
In 2018, the Cybereason Nocturnus team identified an advanced, persistent attack targeting global telecommunications providers carried out by a threat actor using tools and techniques commonly associated with the Chinese-affiliated threat actor APT10. This multi-wave attacks focused on obtaining data of specific, high-value targets and resulted in a complete takeover of the network.
- Earlier this year, Cybereason identified an advanced, persistent attack targeting telecommunications providers that has been underway for years, soon after deploying into the environment.
- Cybereason spotted the attack and later supported the telecommunications provider through four more waves of the advanced persistent attack over the course of 6 months.
- Based on the data available to us, Operation Soft Cell has been active since at least 2017, though some evidence suggests even earlier activity by the threat actor against telecommunications providers.
- The attack was aiming to obtain CDR records of a large telecommunications provider.
more
https://www.cybereason.com/blog/operation-soft-cell-a-worldwide-campaign-against-telecommunications-providers