• Wed. Jul 17th, 2024

Attackers Gained $20 Million via an AT&T Telecom Provider Flaw

Avatar photo

ByMarcel Bich

Apr 29, 2023
Attackers Gained $20 Million via an AT&T Telecom Provider Flaw
Marcel Bich
Latest posts by Marcel Bich (see all)

A security flaw in AT&T’s email inboxes allowed an unidentified group of attackers to steal up to $20 million in cryptocurrencies. Using an unnamed source, TechCrunch writes about it.

How the Hackers Exploit Vulnerabilities

According to reports, hackers have discovered a means to access the email accounts of all AT&T operators. These include the websites bellsouth.net, att.net, and sbcglobal.net. An unnamed insider claims that hackers have unrestricted access to the intranet of AT&T staff members.

Hackers create unique keys after obtaining privileged access permissions that enable them to access the victim’s email account without using a password. Additionally, the publication claims that hackers have the ability to reset victims’ passwords on cryptocurrency trading platforms Coinbase and Gemini

The unauthorized access was confirmed by AT&T, who also guaranteed that they had already taken steps to strengthen the system’s security. How many users of the cell operator’s network have been compromised is unclear, though.

Other Cases

It’s unknown how long the attackers had access to the secure network. One of the victims claims that since November 2022, unlawful access has been continuously documented. According to the article, hackers boast about their accomplishments in the Telegram group. The attackers stated that they have access to the whole database of AT&T employees in one of the posts.

A flaw in the SMS multi-factor authentication system allowed hackers to gain access to the accounts of around 6,000 users, according to a letter sent to consumers by the American cryptocurrency exchange Coinbase in October 2021. It wasn’t made clear who provided the SMS services in question. The exchange was attacked between March and May of 2021.

The customer’s email address, password, and phone number linked to their account were all necessary for the hacker to use. However, it is still unknown how the criminals obtained such detailed information about their targets.

 
Avatar photo

Marcel Bich

Marcel ‘s passion for the world of cryptocurrencies and his comprehensive knowledge of blockchain technology make him an invaluable asset to our team. He stays updated on the latest trends, regulations, and emerging technologies in the crypto space, ensuring that our audience receives accurate and up-to-date information.