H Hightlight

The largest Russian Telecom company Tele2 monitors subscribers using a script

image

The company is totally out of line and distributes its malicious scripts through CDN, which allows it to receive information about any customer actions.
In the 21st century, it is becoming increasingly difficult to keep your personal data safe. Now providers began to get into the personal territory of Internet users. Earlier, another Russian Telecom company Beeline was noticed in violation of confidentiality, which distributed spam ads directly on websites using the virus.
Recently it was found out that Tele2 is monitoring subscribers using a dangerous script. The company gets access to the data due to the mass implementation of scripts via CDN.
Clients of the operator did not even suspect that they were being watched The script, which Tele2 worked hard to distribute. It was designed to display additional advertising on the site, and also with its help, it is possible to calculate keywords for the formation of targeted advertising. The provider managed to do this using HTTP links, instead of HTTPS.
So, this mechanism can allow third parties not only to monitor the activity of subscribers but also to fully monitor all activities.
Experts believe that such actions of telecommunications companies are not a way to profit from advertising, everything is much more serious.
At the moment Tele2 is one of the largest companies in Russia, which is engaged in the establishment of 5G network. This means that it has access to many channels and servers. Soon all devices of Russians will become infected after successful integration of 5G network. It is possible that this data is transmitted to the authorities of the country, since at the moment the Network is the only area where the government does not have the authority for total control, so they are forced to obtain it in such a fraudulent way.
Recall that EhackingNews previously published information that providers of Kazakhstan persuade customers to install a "state trusted certificate" on all devices, which will allow intercepting all encrypted traffic of the country in order to protect citizens from cyber threats and illegal content. Telecom operators warn that if the certificate is absent, then customers may encounter problems accessing certain Internet resources.

Read more