Hackers covertly attack residents of Africa through the networks of an Australian provider

Digicel Pacific is a new spy hub in the Pacific region.

As Citizen Lab researchers recently found, the Australian-owned telecommunications company Digicel Pacific, which operates in the Pacific Islands, was most likely used by private spy firms to spy on people around the world and steal their data.

Experts analyzed data from Mobile Surveillance Monitor and found that unknown attackers, probably private spies, used the resources of the Digicel Pacific network to attack mobile phones in Africa. Such attacks have previously been used by firms engaged in espionage for hire, as well as state actors.

The attackers used Digicel Pacific's Global Title to send requests to mobile phones around the world. These queries can be used to determine the phone's location, intercept messages, and make calls.

"Global headers are sort of addresses on 3G networks that can be used to send requests to phones connected to mobile carriers anywhere on Earth," explained Gary Miller, a research associate at Citizen Lab.

Data analysis over the past 12 months revealed more than 21,000 suspicious requests using Digicel Pacific Global Titles from 5 countries: Fiji, Papua New Guinea, Samoa, Tonga and Vanuatu. After a brief lull, the number of attacks has increased sharply again in recent months.

Although hackers used Digicel's Global Titles, the attacks bypassed Digicel's networks. Leasing the Global Titles allowed the attackers to hide their identity.

The abuse of Digicel Pacific's resources occurred even before the company's purchase by the Australian telecommunications operator Telstra in July 2022. Although the provider previously promised to stop leasing Digicel Global Titles to third parties, Citizen Lab experts found that attackers continued to use them.

Experts believe that the company could have taken much more drastic measures to curb abuse, but for some reason it did not. Simply terminating the lease is not enough: the Global Titles must be completely removed from global networks.

Although the purchase of Digicel was seen as a way to prevent spying by China, Chinese intelligence agencies are also known to use similar attacks in other regions of the world. Thus, the leak of Global Titles poses a threat not only from commercial spies, but also from state actors.

The problem of Global Title abuse is not limited to Digicel. Any telecommunications operator can face similar attacks if intruders obtain its resources through a leak or an unauthorized lease.

Experts urge telecom companies to be vigilant and immediately respond to any signs of network compromise in order to prevent the use of their infrastructure for criminal purposes.
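
For an operator on the receiving end of such requests, a triage pass over signaling-firewall logs could look like the sketch below. It is an added example, not code from the article or from Citizen Lab: the MAP operation names and country codes are standard, while the log format, home PLMN, partner GT range, the simplified policy and every sample GT are constructed assumptions.

```python
from collections import Counter

# E.164 country codes of the five countries the article names as GT sources.
WATCHED = {"679": "Fiji", "675": "Papua New Guinea", "685": "Samoa",
           "676": "Tonga", "678": "Vanuatu"}
# Standard MAP operations that return subscriber location or routing data.
LOCATION_OPS = {"anyTimeInterrogation", "provideSubscriberInfo", "sendRoutingInfo"}
HOME_PLMN = "00101"            # assumption: test MCC/MNC standing in for the home network
PARTNER_PREFIXES = ("99920",)  # assumption: GT ranges covered by a roaming agreement

# Constructed records: calling GT, MAP operation, target IMSI, and the GT of
# the VLR currently serving that subscriber (assumed to be added from the HLR).
SAMPLE_LOG = """\
cgpa=679000000001 op=provideSubscriberInfo imsi=001010000000001 vlr=999100000001
cgpa=675000000002 op=sendRoutingInfo imsi=001010000000002 vlr=999100000001
cgpa=999200000003 op=provideSubscriberInfo imsi=001010000000003 vlr=999200000009
cgpa=999200000003 op=provideSubscriberInfo imsi=001010000000004 vlr=999100000001
cgpa=679000000001 op=updateLocation imsi=001010000000005 vlr=999100000001
cgpa=685000000004 op=anyTimeInterrogation imsi=001010000000006 vlr=999100000001
"""

def classify(rec):
    """Return a reason string if the request looks like location tracking, else None."""
    if rec["op"] not in LOCATION_OPS or not rec["imsi"].startswith(HOME_PLMN):
        return None  # other operations need their own rules; out of scope here
    partner = next((p for p in PARTNER_PREFIXES if rec["cgpa"].startswith(p)), None)
    if partner is None:
        return "no-roaming-agreement"
    # A partner may query only subscribers currently registered on its own VLRs.
    if not rec["vlr"].startswith(partner):
        return "subscriber-not-in-partner-network"
    return None

def triage(log_text):
    """Return (flagged requests with reason, flagged-request count per source country)."""
    flagged, by_country = [], Counter()
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = dict(field.split("=", 1) for field in line.split())
        reason = classify(rec)
        if reason:
            country = next((name for cc, name in WATCHED.items()
                            if rec["cgpa"].startswith(cc)), "other")
            flagged.append((rec["cgpa"], rec["op"], reason))
            by_country[country] += 1
    return flagged, by_country
```

The second rule matters because a leased Global Title can sit inside a range that otherwise looks legitimate: a prefix allow-list alone would pass it.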