Hackers duped Apple, Meta and other tech firms with forged data requests for user information

Apple and Meta were deceived into revealing the data of some of their users to hackers, according to reports. The companies supplied the information in response to fictitious emergency data demands from hackers posing as law enforcement officers. It has recently been discovered that fake emergency demands for data extraction from businesses have been going on for quite some time.

According to Bloomberg, Apple and Meta, Facebook’s parent corporation, provided hackers with information such as a user’s address, phone number, and IP address. As a result of the faked requests, the information leak took place in mid-2021. Emergency data requests do not require a court order, even though data requests are typically made with a search warrant or subpoena.

According to three people familiar with the matter, Snap Inc., Snapchat’s parent company, and gaming social media platform Discord also received a similar legal request manufactured by the same hackers. It’s unclear whether the corporation, like Apple and Meta, shared user information with hackers.

According to the report, hackers who obtained data from internet giants used it to harass targeted individuals. Aside from that, Bloomberg’s sources suggested that this data may be used in financial fraud schemes. In rare circumstances, the hackers may even attempt to circumvent the victims’ account security.

It is believed that hackers associated with a cybercrime group called “Recursion Team” are behind the data extraction attempts. The group apparently sent such fraudulent emergency data requests to technology firms throughout 2021, but is now inactive. Some of its members have reportedly joined Lapsus$, the notorious cybercrime gang responsible for the recent data leaks of a number of companies, including Microsoft, Samsung and others.

Cybersecurity researchers have also hinted that some of the hackers involved with the forged requests may be the suspected Lapsus$ group members in the US and the UK. Experts say that they were able to dupe the companies by compromising the email domains of some law enforcement agencies in multiple countries. These domains are easily accessible to hackers through online criminal marketplaces on the dark web.

The forged requests themselves showed signs of this. The documents featured “forged signatures of genuine or imaginary law enforcement officers,” according to the investigation. This was also noted in a statement by Discord. “While our verification process confirmed that the law enforcement account was valid, we later discovered that it had been compromised by a hostile actor,” says the statement. Law enforcement agencies are presently looking into the situation.
