Several companies in the tech sector reportedly received fraudulent requests for access to their users' data during 2021. The culprits are budding hackers who seem to have found a loophole to exploit.
Even the biggest are not infallible, including Apple and Meta. According to Bloomberg, the two companies reportedly handed over certain sensitive user information to hackers by mistake in 2021. The latter reportedly succeeded in crafting false requests imitating those of the police.
The lapse reportedly occurred in the middle of last year, when the two giants found themselves providing information including the IP address, the telephone number or even the address of their users.
A flaw taken advantage of
It is quite common today for law enforcement to make data access requests about a specific user when doing so can help solve criminal investigations. Some of these requests nevertheless require legal prerequisites before they can be fulfilled. This is precisely what the hackers had in mind when they made not standard data requests, but so-called “emergency” data requests, suggesting that the lives of certain people were in danger.
The process is quite simple: they first had to gain access, via an attack, to a police department’s email systems so that they could make an emergency request while posing as law enforcement. They then just had to describe an alarming situation in which failing to hand over the data would put people in danger. Some hackers even sell access to certain government email addresses for this very purpose.
Attacks by teenagers?
More surprisingly, the majority of criminals making such requests turn out to be teenagers, and some experts even suspect the leader of the Lapsus$ hacker group, who is also only 16, of being involved in this kind of scam.
The series of attacks suffered by the two firms is said to be the work of a group called Recursion, which has since dissolved, and some of whose members ended up joining the Lapsus$ group under a new identity. Sources involved in the investigation explain that these hackers had access to the accounts of government agencies in several countries and that they reportedly targeted numerous companies for several months starting in January 2021.
An intangible threat extended to the entire industry
However, Meta says that it examines each request and has advanced processes in place to detect any abuse. The company claims to block compromised accounts and work hand-in-hand with law enforcement to respond to these fraudulent requests.
As for Apple, its recommendations for law enforcement stipulate that the company may need to ask them for confirmation to verify that an emergency request is legitimate.
Meta and Apple are not the only companies affected by such attacks. Bloomberg reports that Snap Inc. (Snapchat) has also received similar requests, but it’s unclear whether the company has acted on them or not. Discord also seems to have been affected by these false requests and to have responded to them.
This threat is now very real and widespread throughout the industry. It seems quite surprising that people can circumvent in this way the barriers these companies have put in place to keep our data safe. Hopefully the flaw will be fixed as soon as possible.