Forwarded from BlackBox (Security) Archiv
The A1 Telekom Austria Hack - they came in through the web shells
On the 3rd of February 2020 I received an encrypted email on 3 of my email addresses from a person calling themself "Libertas" with the subject "Information for the public".
"I am writing to you today because you seem to be a IT security related guy from Austria with a brain. I hope this assumption is correct, otherwise please disregard this message.
I am writing concerning your local telecom company A1 Telekom. -Libertas"
At first I thought it's some conspiracy theorist who wants to publish something on my blog (they always do) but it was not one of these cases and I wasn't prepared to what they presented me.
Disclaimer:
After confirming the hack with A1 I was asked to postpone the publishing of this post until A1 has kicked the attackers out. I complied with their request so I wouldn't interfere with the ongoing investigation. Since I did not publish this post for months the whistleblower also contacted a journalist from Heise.de and we agreed to release our articles at the same time.
Since I have no way of checking the validity of individual statements made by the whistleblower, they could all be fabricated. I find them very plausible and many details of the email were confirmed by A1 but keep it in the back of your head that the statements of "Libertas" might be untrue or half-true until confirmed by A1 Telekom. Since I had the opportunity to talk to people from A1 I will add their statements in blue.
ππΌ Read more:
https://blog.haschek.at/2020/the-a1-telekom-hack.html
ππΌ Read more π©πͺ:
https://www.golem.de/news/oesterreich-hackerangriff-bei-a1-telekom-2006-148984.html
#austria #telekom #hack #hacked #Libertas
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
On the 3rd of February 2020 I received an encrypted email on 3 of my email addresses from a person calling themself "Libertas" with the subject "Information for the public".
"I am writing to you today because you seem to be a IT security related guy from Austria with a brain. I hope this assumption is correct, otherwise please disregard this message.
I am writing concerning your local telecom company A1 Telekom. -Libertas"
At first I thought it's some conspiracy theorist who wants to publish something on my blog (they always do) but it was not one of these cases and I wasn't prepared to what they presented me.
Disclaimer:
After confirming the hack with A1 I was asked to postpone the publishing of this post until A1 has kicked the attackers out. I complied with their request so I wouldn't interfere with the ongoing investigation. Since I did not publish this post for months the whistleblower also contacted a journalist from Heise.de and we agreed to release our articles at the same time.
Since I have no way of checking the validity of individual statements made by the whistleblower, they could all be fabricated. I find them very plausible and many details of the email were confirmed by A1 but keep it in the back of your head that the statements of "Libertas" might be untrue or half-true until confirmed by A1 Telekom. Since I had the opportunity to talk to people from A1 I will add their statements in blue.
ππΌ Read more:
https://blog.haschek.at/2020/the-a1-telekom-hack.html
ππΌ Read more π©πͺ:
https://www.golem.de/news/oesterreich-hackerangriff-bei-a1-telekom-2006-148984.html
#austria #telekom #hack #hacked #Libertas
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
The A1 Telekom Austria Hack
Personal blog of Christian Haschek