Chinese group apt41 spied on users via SMS

Top news

FireEye Mandiant experts have discovered a new tool, MESSAGETAP. The Chinese group APT41 uses it to intercept SMS traffic from servers of communication companies to steal the content of SMS messages. Hackers have deployed MESSAGETAP on an unnamed telecom provider to spy on traffic.

APT41, allegedly sponsored by China, specializes in cyber espionage and financially profitable campaigns. The group operates since 2012.

According to experts, APT41 has compromised a Linux server cluster of a certain telecom provider to intercept messages from senior officials of interest to the Chinese government. Hackers were interested in messages related to political leaders, military or intelligence organizations, as well as opposition political movements.

Published November 1, 2019, on the ib-bank.ru industry portal

Source: https://ib-bank.ru/bisjournal/news/12343