Chinese hackers have targeted Nepal Telecom in a vicious cyber-attack. The cybercriminals stole call data records (CDRs) by hacking an Oracle Glassfish server used by the state-owned telecommunications company.
Nepal Telecom has not yet given any clear information about the type of cyber-attack or the data stolen. The hackers used the tactics and backdoor weapons of Advanced Persistent Threat (APT) 41 and Advanced Persistent Threat (APT) 71.
But Dilliram Adhikari, managing director of Nepal Telecom, claimed that the company’s main server was secure. He said the old CDMA server may have been attacked. ‘Our technical team is checking this matter in detail. Our main server is protected by a high-level firewall.’
These are tactics and backdoor weapons used by hackers protected by the Chinese government. On this basis, although the direct involvement of Chinese government hackers in this hacking could not be confirmed, Bhairav Technology, a cybersecurity firm based in Nepal, assesses that they could be hackers working under contract.
Hackers have been seen taking CDR data from telecom servers to APT 41 and APT 71. ‘Confidential documents used to be taken earlier; now it seems to have taken user details. But I’m not sure what was in it.’
The criminals used the web vulnerability scanner Acunetix to attack Telecom’s servers, then used the offensive tool Cobalt Strike to leave a backdoor on the company’s server and steal data.
A backdoor is a way of setting up a re-entry point into a system once a security vulnerability has been discovered. The cyber-attack on the company has been going on since last June. “The plan seems to have been made before then,” Limbu said.
It has also been found that the data stolen from the Nepal Telecom server has been put up for sale on the dark web. On June 29, an unidentified person sold the telecom’s call data records (CDRs) for 250 US dollars.
Data of telecom companies in the Philippines, Pakistan, and Nepal is kept for sale there. But how accurate that data is has not been confirmed. According to cybersecurity researchers, the cyber-attack resulted from a failure to scan for and patch the vulnerability in time.
“It’s not a Zero Day (just a security vulnerability),” said the cybersecurity expert. “This shows that Telecom does not have a clear process for vulnerability assessment and patching.”