U.S. Sectors Hit by Cyber Attacks: Telecoms, FBI, and Military Data Allegedly Compromised
Recent findings from the SOCRadar Dark Web Team show threat actors targeting telecoms, federal agencies, and military operations.
These incidents include the sale of Patriot Mobile’s customer database, leaked private messages of FBI agents, breached documents from the US Army Aviation and Missile Command, and a major security compromise at a prominent Asian telecom company.
Alleged Database of Patriot Mobile is on Sale
The SOCRadar Dark Web Team has detected a post on a hacker forum where a threat actor, known as IntelBroker, claims to have compromised the database of Texas-based provider Patriot Mobile. The breach purportedly affects about 65,000 users, and the data is currently listed for sale.
The alleged data includes sensitive Personally Identifiable Information (PII) such as account PINs, full names, email addresses, credit scores, home addresses, dates of birth, the last four digits of Social Security numbers, account balances, and referrers.
Alleged Private Messages of FBI Agents Are Leaked
The SOCRadar Dark Web Team has identified a post on a hacker forum where a threat actor alleges a leak of private messages involving FBI agents. According to the threat actor, the leak stems from a recently unsealed court document that discloses the usernames used by FBI agents in undercover operations aimed at identifying and purchasing data from vendors.
The post details the activities of an FBI Online Covert Employee (OCE), who allegedly used a specific alias to infiltrate forums and target members. The threat actor claims to have made available the private messages exchanged under this alias, alongside the email and IP addresses associated with the FBI agent’s activities.
This alleged leak includes comprehensive details such as dates, recipient and sender IDs, subjects, and the contents of the messages.
Alleged Documents of United States Army Aviation and Missile Command Are Leaked
The SOCRadar Dark Web Team has detected a post on a hacker forum claiming a data breach at the United States Army Aviation and Missile Command (AMCOM). The leaked data allegedly includes maintenance tasks, PDFs, PNG files, and text documents.
Alleged Major Security Breach in Asian Telecom Detected
The SOCRadar Dark Web Team has detected a claim by a threat actor alleging extensive access to an Asian telecom giant with over $5 billion in annual revenue. The alleged breach includes access to over 150 LAN machines, a decryption library, call logs, databases, and the ability to clone SIM cards using decrypted keys.
Additional compromised items reportedly include national IDs, source code, crucial telecom operations data, and over 1,000 private keys. The hacker claims to have already gathered over 250 GB of data, with more expected. The sale price for this access is said to range from $150,000 to $10 million, depending on the level of access and negotiation terms.
Powered by DarkMirror™
Gaining visibility into deep and dark web threats can be extremely useful from an actionable threat intelligence and digital risk protection perspective. However, monitoring all sources is simply not feasible; it is time-consuming and challenging, and a single mistaken click can result in a malware bot infection. To tackle these challenges, SOCRadar’s DarkMirror™ screen empowers your SOC team to follow the latest posts of threat actors and groups, filtered by the targeted country or industry.