To install click the Add extension button. That's it.

The source code for the WIKI 2 extension is being checked by specialists of the Mozilla Foundation, Google, and Apple. You could also do it yourself at any point in time.

How to transfigure the Wikipedia

Would you like Wikipedia to always look as professional and up-to-date? We have created a browser extension. It will enhance any encyclopedic page you visit with the magic of the WIKI 2 technology.

Try it — you can delete it anytime.

Install in 5 seconds
4,5
Kelly Slayton
Congratulations on this excellent venture… what a great idea!
Alexander Grigorievskiy
I use WIKI 2 every day and almost forgot how the original Wikipedia looks like.
Live Statistics
English Articles
Improved in 24 Hours
Added in 24 Hours
What we do. Every page goes through several hundred of perfecting techniques; in live mode. Quite the same Wikipedia. Just better.
Great Wikipedia has got greater.
.
Leo
Newton
Brights
Milds

LightBasin

From Wikipedia, the free encyclopedia

LightBasin, also called UNC1945 by Mandiant, is a suspected Chinese cyber espionage group that has been described as an advanced persistent threat that has been attributed to multiple cyberattacks on telecommunications companies.[1][2][3] As an advanced persistent threat, they seek to gain unauthorized access to a computer network and remain undetected for an extended period. They have been attributed to attacks targeting Linux and Solaris systems.[1][2][3]

History

The LightBasin cyber espionage group has operated since 2016.[1][2] CrowdStrike say that they are based in China, though their exact location isn't known.[1] They have targeted 13 telecoms operators.[2]

Targets

CrowdStrike says that the group is unusual in targeting protocols and technology of telecoms operators.[1] According to CrowdStrike's investigation of one such breach, LightBasin leveraged external Domain Name System (eDNS) servers — which are part of the General Packet Radio Service (GPRS) network and play a role in roaming between different mobile operators — to connect directly to and from other compromised telecommunication companies’ GPRS networks via Secure Shell and through previously established implants. Many of their tools are written for them rather than being off the shelf.[1]

After compromising a system, then installed a backdoor, known as SLAPSTICK, for the Solaris Pluggable authentication module.[2] They utilize TinyShell, which is a Python command shell used to control and execute commands through HTTP requests to a web shell,[4] to communicate with attackers' ip addresses. The scripts are tunneled through an SGSN emulator, which CrowdStrike says is to maintain OPSEC.[3] Serving GPRS Support Node (SGSN) is a main component of the GPRS network, which handles all packet switched data within the network, e.g. the mobility management and authentication of the users.[5] Utilizing this form of tunneling makes it less likely to be restricted or inspected by network security solutions.[1][3]

CrowdStrike recommends that firewalls dealing with GPRS traffic be configured to limit access to DNS or GPRS tunneling protocol traffic.[1]

References

  1. ^ a b c d e f g h Nichols, Shaun (2021-10-20). "'LightBasin' hackers spent 5 years hiding on telco networks". TechTarget. Archived from the original on 2023-11-29. Retrieved 2022-04-08.
  2. ^ a b c d e Ilascu, Ionut (2021-10-19). "LightBasin hacking group breaches 13 global telecoms in two years". Bleeping Computer. Archived from the original on 2023-07-24. Retrieved 2022-04-08.
  3. ^ a b c d "LightBasin: A Roaming Threat to Telecommunications Companies". CrowdStrike. 19 October 2021. Archived from the original on 8 April 2022. Retrieved 9 April 2022.
  4. ^ "Day 27: Tiny SHell (SSH-like backdoor with full-pty terminal)". Medium. 26 January 2019.
  5. ^ "SGSN". Telecom ABC. Archived from the original on 2022-05-17. Retrieved 2022-05-11.

External links

This page was last edited on 30 April 2024, at 16:05
Basis of this page is in Wikipedia. Text is available under the CC BY-SA 3.0 Unported License. Non-text media are available under their specified licenses. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc. WIKI 2 is an independent company and has no affiliation with Wikimedia Foundation.
Contact WIKI 2
Introduction
Terms of Service
Privacy Policy