According to a Bloomberg article, Apple and Meta handed over user data to hackers who forged the emergency data requests routinely made by law enforcement. Both companies fell for the fraudulent requests in mid-2021 and provided information about consumers’ IP addresses, phone numbers, and home locations.
In the course of criminal investigations, law enforcement officials frequently request data from social media sites to learn more about the owner of a particular online account. Emergency data requests, by contrast, do not require a subpoena or a court-issued search warrant and are intended for cases involving life-threatening situations.
According to a recent analysis from Krebs on Security, fake emergency data requests are becoming more common. To launch an attack, hackers must first gain access to a police department’s email systems. They can then impersonate a law enforcement official and create an emergency data request that stresses the potential danger of not receiving the requested data immediately. According to Krebs, some hackers are offering access to government email accounts on the dark web, expressly for the purpose of sending fake emergency data requests to social media sites.
According to Krebs, the bulk of the criminal actors who carry out these bogus requests are teens, and cybersecurity analysts suspect the young mastermind behind the Lapsus$ hacking gang may be involved in this sort of fraud. Since then, seven teenagers have been detained in connection with the gang.
Last year’s run of attacks, on the other hand, might have been carried out by members of the Recursion Team cybercriminal gang. Although the group has disbanded, several members have joined Lapsus$ under new names. Beginning in January 2021, hackers gained access to the accounts of law enforcement agencies in numerous countries and targeted a number of organizations, according to officials involved in the investigation.
In an emailed reply to The Verge, Andy Stone, Meta’s policy and communications director, stated, “We assess every data request for legal sufficiency and employ advanced tools and procedures to validate law enforcement requests and prevent misuse.” “We stop known compromised accounts from making requests and, like in this case, we collaborate with law enforcement to react to events involving suspected fraudulent requests.”
“If a government or law enforcement agency seeks customer data in response to an Emergency Government & Law Enforcement Information Request, a supervisor for the government or law enforcement agent who submitted the Emergency Government & Law Enforcement Information Request may be contacted and asked to confirm to Apple that the emergency request was legitimate,” Apple told The Verge when asked for comment.
Fake emergency data requests have harmed a number of firms, including Meta and Apple. According to Bloomberg, Snap was also approached by hackers with a bogus request, although it’s unclear whether the company complied. According to Krebs on Security’s research, Discord confirmed that it handed over information in response to one of these bogus requests.
In an emailed comment to The Verge, Peter Day, Discord’s group manager for corporate relations, stated, “This strategy poses a huge danger throughout the internet sector.” “To address developing concerns like this one, we’re always investing in our Trust & Safety capabilities.”