Stolen employee records from telephone companies are being used to entice workers into performing illegal SIM swaps for money. T-Mobile and Verizon employees have reported receiving unsolicited text messages soliciting their participation in this scam. Cybercriminals use this SIM swapping technique to breach accounts secured by multi-factor authentication. Both companies have previously experienced breaches of employee information, suggesting possible origins of the mobile numbers used in the scam.
China-linked cyberespionage group PlushDaemon used South Korean VPN service to inject malware
A China-linked cyberespionage group known as PlushDaemon has reportedly exploited the VPN service of South Korean provider IPany to spread malware and spy on users.
