An unknown threat actor, kiberphant0m, has emerged as a potential threat to U.S. telecom networks, joining the China-linked Salt Typhoon group in breaching major telecommunications service providers. The group claims to have accessed sensitive information, including call logs of President-elect Donald Trump and Vice President Kamala Harris.
Cyble, a dark web monitoring firm, has been monitoring kiberphant0m’s activities since they surfaced on cybercrime forums earlier this year. The group has been offering data and access allegedly obtained from major telecom providers like Verizon and AT&T, as well as spy schema supposedly belonging to the U.S. National Security Agency (NSA).
kiberphant0m’s background and activities indicate a wide range of breaches, including access to government servers, defense contractors, and critical infrastructure sectors in China. The group has also claimed connections to the UNC5537 threat group responsible for the Snowflake data breach. Their association with known threat actors has fueled speculation that kiberphant0m may have technical expertise beyond that of a mere broker.
Recent posts by kiberphant0m on Breach Forums revealed claims of possessing call logs of Trump and Harris, push-to-talk logs from Verizon Wireless, SIM swapping services, and technical database schema allegedly linked to the NSA. While the information may not be classified as extremely sensitive, the breaches highlight vulnerabilities in the telecom network security infrastructure.
Senator Mark R. Warner has highlighted the lax state of U.S. telecom networks, citing outdated equipment and patching issues as major concerns. Warner emphasized the need for a comprehensive overhaul of the telecom infrastructure to address the vulnerabilities exploited by threat actors like kiberphant0m.
In response to the security threats posed by these breaches, top national security officials held discussions with telecom industry executives to devise collaborative solutions to enhance network security. The incidents involving kiberphant0m and other threat actors underscore the urgency of addressing cybersecurity gaps in critical infrastructure sectors.
As the investigation into these breaches continues, cybersecurity experts and government agencies are working together to prevent future attacks and secure U.S. telecom networks against evolving threats. The emergence of threat actors like kiberphant0m highlights the need for proactive measures to safeguard sensitive data and critical infrastructure from malicious actors in the digital realm.