Lapsus $ hackers broke T-Mobile’s systems and stole the source code
The Lapsus $ hacking group stole T-Mobile’s source code in a series of breaches that took place in March, as first reported by Cancer for safety. T-Mobile confirmed the attack in another statement The Vergeand states that “the systems that were opened contained no customer or government information or other similar sensitive information.”
In copies of private messages obtained by Krebs, the hacker group Lapsus discussed targeting T-Mobile the week before the arrest of seven of the teenage members. After purchasing employees’ credentials online, members could use the company̵[ads1]7;s internal tools – such as Atlas, T-Mobile’s customer management system – to perform SIM exchanges. This type of attack involves hijacking a target mobile phone by transferring the number to a device owned by the attacker. From there, the attacker can receive text messages or calls received by their phone number, including messages sent for multifactor authentication.
According to screenshots posted by Krebs, Lapsus $ hackers also tried to hack into the FBI and the Department of Defense’s T-Mobile accounts. In the end, they were unable to do so, as further verification measures were needed.
“Several weeks ago, our monitoring tools discovered a bad player who used stolen credentials to gain access to internal systems that contain operating tool software,” T-Mobile said in an email to The Verge. “Our systems and processes worked as designed, the burglary was quickly turned off and shut down, and the compromised credentials used were made obsolete.”
T-Mobile has been exposed to several attacks over the years. Although this particular hack did not affect customer data, previous events did. In August 2021, a breach revealed the personal information of over 47 million customers, while another attack that occurred just months later compromised “a small number” of customer accounts.
Lapsus $ has made a name for itself as a hacker group that primarily targets the source code of major technology companies, such as Microsoft, Samsung and Nvidia. The group, which is reportedly led by a teenage champion, has also targeted Ubisoft, Apple Health partner Globant and the authentication company Okta.