Hackers backed by the Chinese government were able to obtain access to private text messages by compromising prominent telecommunications firms. FireEye, a cybersecurity firm, did a deep dive into the attack to confirm what was stolen and who stole it. FireEye has not yet disclosed the telecom company (or companies) impacted by the hack, making it impossible for users to determine if and how they were affected.
Who The Hackers Were and How They Stole the Info
APT41 is a group of state-backed hackers in China that operates in the best interest of Beijing. These hackers used malware called “Messagetap”, a malicious program that allows text messages to be intercepted, read, and stored. The attacks took place on the telecommunication company’s servers, rather than on the smartphones of individuals.
APT41 then searched these text messages in bulk for keywords and phone numbers specified by the Chinese government, under the guise of the Chinese government’s geopolitical interest or national security. The governments of other countries don’t seem to regard this move as a normal act of national security for China, as it is blatantly illegal and undeniably little more than spying.
This revelation comes at a time when tensions are high between the United States and Chinese tech manufacturers like Huawei. China often overextends its surveillance and participates in acts of espionage, and the United States views tech manufactured by Huawei as a potential threat to national security. Huawei denies any wrongdoing.
Who Was Targeted in the Attack
There is evidence that certain individuals were specifically targeted while others were merely caught in the crossfire, but FireEye has not publicly released information regarding these targeted entities. It is safe to assume that any vocal opponents of the Chinese government or prominent, avid supporters of the Hong Kong protest were likely targets, as they seem to be held in the highest level of contempt by the Chinese government. It’s inevitable that text messages sent and received by normal civilians were caught in the crossfire, as entire servers were compromised.
There is also a possibility that the attack was designed to be as widespread and encompassing as possible. A recent discovery showed that everyone who downloaded the state-backed Chinese propaganda app “Study the Great Nation” had effectively had their device compromised or hacked by the Chinese government, as the app’s insidious permissions allowed it access to the entire smartphone.
The long and short of the situation is that targets have not been specifically named, but could very well be just about everyone who ever used the keywords that APT41 searched for on the hacked telecom servers.
Protecting Your Communications
Sending an unprotected SMS message is no different from sending mail in an unsealed envelope – anyone can read it, and you would never know about it. The only way to protect your communications from hackers is to communicate exclusively through end-to-end encrypted services. PrivateMail uses OpenPGP encryption and paranoid encrypted cloud storage for all messages and attachments sent or received through a PrivateMail inbox. Messaging apps like Signal offer a similar level of encryption.