【Watch Her True Story 9 Online】

Malware tied to Chinese hackers has been found infecting telecommunication networks to steal SMS messages from thousands of phone numbers.

The Watch Her True Story 9 Onlinespying effort comes from a Chinese state-sponsored hacking group called APT 41, according to the cybersecurity firm FireEye. On Thursday, the company published a report on a malware strain from the group that's designed to infect Linux-based servers used by telecommunication carriers to route SMS messages.

Some time this year, FireEye uncovered the malicious computer code on a cluster of servers belonging to an unnamed telecommunication network provider. "During this intrusion, thousands of phone numbers were targeted, to include several high-ranking foreign individuals likely of interest to China," the company told PCMag.

---

You May Also Like

---

---

Interestingly, the malware is selective of which SMS messages it will try to collect. The APT 41 hackers pre-programmed it using two lists. The first one searches outs the target, based on the person's phone number and International Mobile Subscriber Identity (IMSI) number. The second list contains certain keywords that the malware will seek to find within the SMS messages. If one of the keywords is found in an SMS message, the malware will then save it in a .CSV file, which the hacker can later extract.

"The keyword list contained items of geopolitical interest for Chinese intelligence collection. Sanitized examples include the names of political leaders, military and intelligence organizations and political movements at odds with the Chinese government," FireEye researchers said in the report.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

Original image has been replaced. Credit: Mashable

The suspected Chinese hackers behind the malware also clearly knew who they were targeting, since they had access to both the victims' phone numbers and the IMSI numbers, which is harder to come by. On some Android phones, you can access the IMSI number in the settings function. But the information is primarily used by telecommunication carriers to uniquely identity each subscriber on a cellular network, which suggests the hackers had some serious intel-collecting abilities.

In the same intrusion, the hackers were also found interacting with databases that contained voice call record details, including the time of the call, the duration and the phone numbers involved.

"In 2019, FireEye observed four telecommunication organizations targeted by APT41 actors," the company added in today's report, which refrained from naming the organizations hit. "Further, four additional telecommunications entities were targeted in 2019 by separate threat groups with suspected Chinese state-sponsored associations."

SEE ALSO: Facebook sues WhatsApp developer that allegedly put spyware on phones of journalists and political dissidents

Other security researchers have also noticed suspected Chinese cyberspies infiltrating cellular networks. In June, security firm Cybereason uncovered evidence that Chinese hackers had broken into telecommunication carriers to steal call log and location data from "high-value" individuals across the globe.

The attacks underscore the risk of sending unencrypted information over cellular networks; the content is readable to whoever controls the SMS routing server. For especially sensitive messages, it's a good idea to use a mobile messaging app, such as WhatsApp or Signal, which offer end-to-end encryption.

Topics Cybersecurity Politics

• Life
• Digital Culture
• Social Good
• Entertainment
• Games
• Tech
• Shopping
• Science

• Best Hydro Flask deal: Save $10 on a 24
• Race horse loses rider but wins our hearts by racing without him
• How Roe v. Wade reversal is impacting dating and sex lives
• Cool guy Mayor Bill de Blasio confesses his love for ska
• Keeping Hope Alive
• 14 tweets that got me through the week
• 10 cliché Instagram posts you'll definitely see this summer
• Simone Giertz describes her radiation treatment while making some art
• Boeing's new VR simulator immerses astronauts in space training
• The UN says digital assistants like Siri promote gender stereotypes

• Best sex toy deals: Save 20% on Ava's entire Amazon storefront
• Inner Light by Jack Hanson
• Is 'The Last of Us Part II Remastered' worth it?
• PS5 DualSense: 2 updates coming to your controller, including better audio
• On Asturias’s Men of Maize by Héctor Tobar
• Antarctica has way more penguins than scientists thought, which is great, because penguins
• 'Elden Ring' is reportedly coming to your phone. Here’s what we know.
• The Dreams and Specters of Scholastique Mukasonga by Marta Figlerowicz
• Third Sleeper: Bob Garison by Sophie Calle
• Apple is working on a foldable clamshell iPhone, report says

• A Typical Wall Street Republican
• 25 tweets about glasses to read while your glasses slide down your nose
• AOC opens up about death threats after baseball team shows offensive video of her
• 12 interesting gadgets to spice up your self
• Boeing's new VR simulator immerses astronauts in space training
• How to stay protected during the busiest shopping period of the year
• 'God of War Ragnarok' has more game to play after the credits
• Elon Musk's $8 Twitter Blue subscription goes live, will tell you who paid for verification
• Inside the Murky Process of Getting Games on Steam
• 'White Lotus' Season 2's wild opening credits: Everything you need to know

• The best day to book your flight, according to Google
• 'Quordle' today: See each 'Quordle' answer and hints for November 15
• Apple sued for tracking users' activity even when turned off in settings
• Microsoft debuts an 'ugly' Clippy sweater in time for the holidays
• Google Pixel Buds Pro 2: $40 off at Amazon
• Apple limits AirDrop to 10 minutes in China
• Elizabeth Warren has a plan to fix everything, even our sad love lives
• 'And I oop' is having another moment and the memes are too good for this world
• A worthless juicer and a Gipper-branded server
• AOC opens up about death threats after baseball team shows offensive video of her