Monday, June 8, 2009

Hello T-Mobile, You've Been Pwn3d

EDIT 06/09/09 @ 2:28pm CST:

Well, who would have thunk it. Apparently T-Mobile is admitting that the information posted by the hacker is real but there was no compromise of customer or internal information from those servers. ORLY? I'm not inclined to believe that... given that someone has hacked that deeply into the network... and T-Mobile is saying no data was compromised?

The only thing I can think of that would allow for such a situation as they're in now is if someone lost a spreadsheet with that information... which could also have been lifted off a laptop, whatever. Then you have a lot of internal knowledge without the actual penetration and theft. Maybe... just maybe this could be the case?

At any rate, I can't wait for more information to hit the wires... doesn't seem like we'll be getting much from T-Mobile in the way of being forthcoming.

EDIT 06/08/09 @ 12:08pm CST
It almost doesn't matter, in the court of public opinion at least, whether this hack is real or imaginary... because if you look at twitter and Google T-Mobile right now... you'll see hundreds of blogs, news articles, twitter posts and all sorts of comments out there already feeding the fire. Should this turn out to simply be a hoax (which is may very well be)... T-Mobile has already been judged and the damage is done in the public eye... at least when it comes to those people who read/comment on the web regularly.

This just goes to show the kind of damage a well-placed "we hacked you" public disclosure (even by an un-named party, with virtually no evidence to back it up) can inflict on a public company. T-Mobile needs to do damage control, quickly... and quit with the "no comment" responses. Their current responses to media are just throwing fuel on the fire already raging out of control... and that's bad for business.

The mailing lists have been aflutter today with an interesting revelation. Starting with the release to the Full Disclosure mailing list, someone has made it painfully obvious that they have completely pwn3d T-Mobile.

This isn't the run-of-the-mill "hi, we hacked your web site and defaced it" announcement... this one is a little deeper, and much worse. No, this email announcement boldly announced that T-Mobile has been completely, totally, and wholly pwn3d by someone who chose to be anonymous... although has a great mastery of the English language.

Here's the text of the email...
Hello world, The U.S. T-Mobile network predominately uses the GSM/GPRS/EDGE 1900 MHz frequency-band, making it the largest 1900 MHz network in the United States. Service is available in 98 of the 100 largest markets and 268 million potential customers. Like Checkpoint Tmobile has been owned for some time. We have everything, their databases, confidental documents, scripts and programs from their servers, financial documents up to 2009. We already contacted with their competitors and they didn't show interest in buying their data -probably because the mails got to the wrong people- so now we are offering them for the highest bidder. Please only serious offers, don't waste our time. Contact:
These guys are serious too. Pasted along with this taunting email is a list of servers and systems supposedly compromised... including the name, ApplicationID, OS, IP and other interesting tidbits. Either these hackers seriously own T-Mobile and their data... or they're playing it really convincingly.

What I find interesting, is the statement that the hackers have already contacted T-Mobile's competition, but that the competition wasn't interested in internal documents and secret data. That means one of two things... either there is actually some integrity out there... or as the hacker says, he was probably just emailing the wrong people.

I wonder what kind of figures these hackers had in mind?


No comments: