Apple and Meta transferred user data to hackers posing as law enforcement agencies. According to Bloomberg, in the middle of last year, attackers managed to forge orders for urgent data requests and obtain IP addresses, phone numbers and home addresses of users from companies.
Law enforcement agencies usually request data from social networks about the owners of specific accounts in connection with criminal investigations. Although such requests require a summons or a warrant signed by a judge, they are not required for urgent requests, since they relate to life and death issues.
According to Krebs on Security, fake urgent requests have recently become more common. The attackers first gain access to the email of the police department, and then forge a request for urgent data. Some cybercriminals sell access to government e-mail on the Network specifically for the purpose of its further use to obtain data from social networks.
According to Krebs on Security, teenagers are mainly engaged in such schemes. In particular, a teenager who led the hacker group Lapsus$ was doing this. However, last year’s series of attacks was the work of a group called the Recursion Team. Although it has already disbanded, some of its members have joined Lapsus$ under other names. The attackers gained access to the accounts of law enforcement agencies in different countries and for several months, starting in January 2021, sent fake requests for urgent data to a number of companies.
“We check every data request for legal validity and use advanced systems and processes to verify law enforcement requests and identify abuses. We are blocking known compromised accounts from sending requests and are working with law enforcement agencies to respond to incidents related to alleged fraudulent requests, as we did in this case,” Andy Stone, Meta’s director of policy and Communications, told The Verge by email.