Enlarge image
T-Mobile logo on a store in New York
Photo: Shannon Stapleton / REUTERS
The Wall Street Journal exchanged messages via the Telegram chat service with a young man who claims to be behind the spectacular hack that rocked the US telecommunications company T-Mobile in mid-August. The IT security company Unit221B had made the company aware that someone was offering data from millions of customers of the company for sale in a forum. T-Mobile USA later confirmed the attack. The information on how many records the perpetrator or perpetrators were able to capture vary between 50 and 100 million.
There are some indications that the man who revealed himself to the Wall Street Journal as John Binns and expressed himself to be the perpetrator is actually the perpetrator.
On the one hand, he provided the newspaper with detailed information on the incident before it became public, the newspaper wrote.
On the other hand, he sent screenshots from internal T-Mobile servers to the “Journal”.
A series of spectacular hacks
The attack on the servers of the American T-Mobile subsidiary is only the last in a series of spectacular, if only to a limited extent comparable, hacks on large US companies in the past few months.
In May, for example, the largest fuel pipeline in the USA was paralyzed for days by a cyber attack, and the attackers demanded a ransom for the release of the server.
In June the systems of the world's largest meat producer JBS were encrypted by criminals using ransomware.
Here, too, a ransom demand was at the center of the attack.
US President Joe Biden responded to the increased number of attacks by stating that a war between the great powers is likely to be the "consequence of a cyberattack of great importance."
Identified weak points with freely available software
According to the Wall Street Journal, the attack on T-Mobile was carried out by an American.
The 21-year-old grew up in northern Virginia and his father died when he was two years old.
At the age of 18 he emigrated to Izmir in Turkey with his mother of Turkish descent.
He describes the hack as simple.
Using freely available software, he searched T-Mobile's known Internet addresses for weak points.
In doing so, he came across a router that was not externally secured and from there gained access to other computers and databases.
Among other things, he stole access data that enabled him to access more than 100 servers.
Your security measures are lax, he blasphemes on T-Mobile USA.
He went on to explain that it took him around a week to work his way up to the servers on which the personal data of millions of cell phone customers are stored and to download them. It remains unclear whether he really went it alone or had support. He also does not provide any information on whether he has already sold parts of the data loot. Instead, he told the Journal, "One of the goals was to make noise."
In his Telegram messages to the newspaper, however, he also wanted to draw attention to the persecution he felt by the US authorities.
Accordingly, he was kidnapped in Germany and taken to a "fake psychiatric clinic".
He went on to say that he had "no reason to make up a fake kidnapping story" and that he hoped "someone from the FBI will leak information about it."
mak