Orange España, the second-largest mobile operator in Spain, experienced a cyber-attack that disrupted its mobile services for over three hours. The attack, which occurred earlier this month, was attributed to the hacking group “Snow,” who successfully breached Orange España’s RIPE Network Coordination Centre and caused configuration errors in the public key infrastructure and border gateway protocol.
A subsequent investigation by a group of security researchers revealed that the cyber-attack also led to the compromise of credentials for more than 1572 computer networks. The affected entities included a Kenya-based IT firm, a sizable IT firm in Azerbaijan, and a multinational data center in Africa. The attackers deployed various data-stealing malware such as Lumma, Azorult, Vidar, Redline, and Taurus within the organizational networks to execute a password theft campaign. The targets of these malicious programs included credentials used by data center administrators, ISP engineers, telecom administrators, network engineers, IT managers, and technology outsourcing companies.
The compromised networks and stolen credentials pose significant security risks, potentially paving the way for ransomware attacks and the unauthorized extraction of intellectual property. In some cases, threat actors may sell the stolen data for $10 each or collaborate with other cybercriminals to profit from activities like phishing attacks. It is worth noting that Orange España had previously disclosed details of the Aadhaar data breach affecting over 850 million Indian citizens in October 2023.
In response to the growing cybersecurity challenges, Resecurity has partnered with Cybercrime Atlas to combat global cybercrime networks. This collaboration, announced at the World Economic Forum’s Center, involves expertise from more than 40 public and private entities working together to provide technical support for this groundbreaking project. This partnership aims to address the ever-evolving threats posed by cybercriminals and to strengthen global cybersecurity efforts.
The cyber-attack on Orange España highlights the increasingly sophisticated tactics employed by cybercriminals to target large organizations and steal sensitive information. It also underscores the importance of collaboration between public and private entities to address these cybersecurity challenges and protect against future attacks. The partnership between Resecurity and Cybercrime Atlas represents a significant step towards enhancing global cybersecurity measures and safeguarding against the growing threat of cybercrime.