A notorious hacker known as Intel Broker has announced a data breach involving the telecommunications giant Nokia. Posting on the infamous cybercrime forum BreachForums, Intel Broker claims to have gained unauthorized access to sensitive Nokia information through a third-party contractor linked to Nokia’s internal tool development.
The hacker claims that no customer information was accessed, but they have obtained critical internal data from Nokia’s systems, which they’re now selling for $20,000.
Details of the Breach - According to Intel Broker’s post, the stolen data includes SSH keys, source code, RSA keys, Bitbucket logins, SMTP accounts, webhooks, and hardcoded credentials. All these items could potentially enable further unauthorized access to internal systems or facilitate other types of cyber-attacks. In an attempt to validate the breach, Intel Broker also shared a file tree, showcasing various files and folders apparently related to Nokia’s internal operations.
In an exclusive conversation with Hackread.com, Intel Broker said that the stolen data collection is up for sale for $20,000, and he is reaching out to prospective buyers on BreachForums. According to the post, only those with high-ranking status and sufficient reputation on the forum are encouraged to inquire.
Intel Broker on Breach Forums (Screenshot: Hackread.com)
The hacker claims to have pulled this data from a contractor working closely with Nokia, rather than Nokia’s own systems directly. This method of breaching systems through third-party vendors has become increasingly common, as vendors are often granted extensive access to the companies they serve. Cybersecurity experts have long warned about this weak point, advising companies to ensure that security standards extend to their contractors and partners.
Potential Impact - While Intel Broker emphasizes that customer data is not included in the breach, the exposure of alleged Nokia’s internal data could still have widespread implications. With access to development environments, source code, and credentials, hackers could potentially tamper with Nokia’s tools or services, or exploit the vulnerabilities in these resources to compromise other systems.
Screenshot from the sample data that Hackread.com analyzed
Nokia’s Response - At the time of reporting, there has been no official statement from Nokia on this alleged breach. However, Hackread.com has reached out to the company awaiting a response. Stay tuned.
About Intel Broker - Intel Broker who is also the owner of Breach Forums is known for high-profile data breaches. In June 2024, the hacker claimed to have breached Apple Inc., stealing source code for internal tools. The same hacker boasted about breaching AMD (Advanced Micro Devices, Inc.), and stealing employee and product information.
In May 2024, Intel Broker hacked Europol, a breach that the agency later confirmed. Some of the hacker’s previous data breaches are listed below:
• Tech in Asia
• Space-Eyes
• Home Depot
• Facebook Marketplace
• Staffing giant Robert Half
• US contractor Acuity Inc.
• Los Angeles International Airport
• Alleged breaches of HSBC and Barclays Bank
Although the hacker’s origins and affiliates are unknown, according to the United States government, Intel Broker is alleged to be the perpetrator behind one of the T-Mobile data breaches.
This article is shared at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@redskyalliance.com
Weekly Cyber Intelligence Briefings:
• Reporting: https://www.redskyalliance.org/
• Website: https://www.redskyalliance.com/
• LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5378972949933166424
Comments