🚨 CYBER INTELLIGENCE ALERT: 🇨🇱 [UNCONFIRMED / CRITICAL] INTERNAL ACCESS TO TELECOMMUNICATIONS — VTR CHILE

[STATUS: UNCONFIRMED / NETWORK INFRASTRUCTURE COMPROMISE]

A post originating from the Telegram channel of a threat actor named "Rutify" has been detected. The visual evidence processed in the screenshots demonstrates that the attacker has gained direct administrative access to the internal provisioning, network management, and customer control panel of the telecommunications company VTR Chile.

📂 Technical Analysis of the Visible Evidence

The screenshots reveal access to an internal web administration panel with deep privileges over the provisioning of fixed and mobile services for VTR Chile. Three major risk vectors were identified based on the exposed modules:

1. Network and Critical Infrastructure Management (Network & Provisioning)
The system's sidebar exposes operational menus that compromise the ISP's network:
Node Status & CMTS Pools: Control over the status of CMTS (Cable Modem Termination System) nodes and pools, the core infrastructure that connects VTR's broadband customers' cable modems.
DHCP Leases & Traffic Stats: Access to the network's IP address assignments and real-time traffic statistics.
Provisioning (Job Queue / Config Templates): An active job queue with 12 pending requests and configuration templates. Modifying these templates would allow an attacker to alter the physical provisioning of customer services.

2. Geographic Infrastructure Mapping (Chile Nodes)
The screenshots show key identifiers from the internal network naming convention that confirm the geographic impact on Chilean municipalities and infrastructure:
SCL-LAS-COND-07 and SCL-CMTS-04: Direct references to infrastructure located in Santiago, Chile (SCL), specifically in the Las Condes municipality.
VLP-CENTRO-01: Infrastructure assigned to the Valparaíso region (VLP).
CCP-NORTE-02: Nodes linked to the Concepción / Biobío region (CCP).

3. PII Exfiltration and Financial Plan Control
The "Account Detail" section and plan modules demonstrate the ability to extract and alter critical customer data in Chile:
Exposed Identity Fields: The system stores and allows searches using the RUT (Tax ID), subscriber number, account number, service number, and the customer's current IP address, as well as sensitive mobile identifiers such as the ICCID (SIM card serial number) and IMSI (International Mobile Subscriber Identity).
Financial Rate Manipulation: A live query shows an active plan named "Postpago 50GB — " (Chilean Pesos). The panel displays a menu for immediate plan changes under the CUST_REQUEST (customer request) order type, meaning the attacker can alter the company's billing systems.

🛡️ Recommended Actions (Defensive Measures)
Perimeter Blocking and Session Revocation: The VTR Chile/ClaroVTR security team must be alerted urgently to identify access logs for their provisioning tools (specifically the backend modules shown in the screenshots), revoke all active web sessions, and enforce the strict use of hardware-based multi-factor authentication (MFA).

VECERT TOOLS
Strategic Monitoring Tools & Intelligence Platform: 🌐 analyzer.vecert.io
Security Verification & Monitoring: 🛡️ monitor.vecert.io

#CyberSecurity 🔐 #Chile 🇨🇱 #VTR #ClaroVTR #DataBreach 📁 #Telecoms #SIMSwapping #RUT #InitialAccess #ThreatIntelligence 📊 #VECERT 🏢
10
22
1,658
Jun 4
some simswapping russian lardass got into my account. lol
2
10
Policía Cibernética warns of new 'SIM Swapping' extortion #SIMSwapping #PolicíaCibernética #FraudeDigital #RoboDeIdentidad #Ciberseguridad 📷📷📷
28
Replying to @EMXTripiix
it is a little impossible for me because of simswapping but last year i sent you a number i remember
23
Early SIM swapping wasn't about major fraud, but a shrewd tactic to snatch up coveted social media handles. A surprising digital land grab. #SIMSwapping #SocialMedia
1
28
⚖️ | The Superintendencia de Industria y Comercio (@sicsuper) fined Colombia Telecomunicaciones (Movistar, @PtelefonicaCol) more than 1,358 million pesos over SIM Swapping. The operator failed to use suitable technological tools for identity verification in SIM card replacement, facilitating bank fraud against its users. Read the details of the resolution at DPL News 👇 🔗 dplnews.com/multan-a-movista… #Telecom #Movistar #SIMSwapping #Colombia #Regulación
1
151
Replying to @theworldbilli
my problem is the simswapping so i cannot use a normal telephone but there has to be another way to receive the money for a fund
1
14
Replying to @haydenzadams
Dudes will say DeFi is unsafe when most banks still use SMS 2FA only and every major mobile provider is 3 questions away from simswapping you. smh
1
4
595
Replying to @ElonMuskoffica6
i already said it many times i have no possibility because of simswapping
1
10
Replying to @ElonMuskoffica6
that is right because i cannot do it because of simswapping
1
20
🚨 STRATEGIC CYBERINTELLIGENCE ALERT: ANATOMY OF THE CaaS PLATFORM IN COLOMBIA 🇨🇴

⚠️ TECHNICAL BREAKDOWN OF THE CRIMINAL INTELLIGENCE BOT AND THE EROSION OF DATA PRIVACY

[STATUS: ACTIVE TOOL / CRIME-AS-A-SERVICE MODEL / EXTREME RISK OF FINANCIAL FRAUD AND EXTORTION]

The cybercrime ecosystem targeting Colombia has evolved toward industrialization. The detected tool is not merely a leaked database, but a sophisticated Crime-as-a-Service (CaaS) engine operated via Telegram (attributed in recent investigations to the threat actor ɪʀᴏɴ ᴀᴛʟᴀꜱ). This platform enables any criminal—regardless of their technical proficiency—to perform real-time queries (utilizing both OSINT and private databases) to comprehensively profile any Colombian citizen, thereby facilitating attacks.

🧠 TECHNICAL ANATOMY OF THE PLATFORM

The success of this bot lies in its distributed client-server architecture and its ability to unify disparate data sources into a single, user-friendly interface.

1. Operator Interface (Frontend - Telegram)
Anonymity and Accessibility: By being hosted on Telegram, the bot inherits the application's privacy infrastructure, making it difficult to trace the IP address of the operator (the criminal client) as well as that of the central server.
Query Modules: The interface offers an interactive menu featuring predefined commands. The criminal simply needs to input an initial data point—such as a national ID number, a phone number, or an email address—to trigger a massive, cascading search.

2. Correlation Engine and Backend (The Core)
Microservices Architecture: Behind the Telegram bot lies a backend server (likely hosted in "bulletproof" jurisdictions) that receives the request and simultaneously distributes it to multiple extraction scripts (scrapers) and APIs.
Data Enrichment: If a cybercriminal enters a phone number, the engine queries telecommunications providers to obtain the name of the account holder. It then takes that name and queries the National Registry Office to retrieve the corresponding National ID number. Using the National ID, it queries the DIAN (Tax Authority), the Traffic Registry (RUNT), and credit bureaus.
Structured Output: The engine compiles all this information into a clean, structured report (a "Dossier") that is delivered to the client within seconds.

🗄️ DATA SOURCE ECOSYSTEM (DATA PIPELINE)

To achieve this level of detail, the platform has successfully channeled—through the theft of API credentials, the exploitation of web vulnerabilities, or the purchase of access from insiders—three major information verticals:

🏛️ Government and Public Infrastructure:
Identity and Demographics: National Civil Registry (validation of biometric data and National IDs) and Migration Colombia.
Taxes and Property: DIAN (Tax Registry/RUT, business activity), IGAC (Cadastre/real estate records), and RUNT (vehicle ownership, mandatory insurance/SOAT, traffic fines).
Security and Defense: National Police, Inspector General's Office, and Military Forces (criminal records, disciplinary records, and military service status).

🏢 Private Sector and Telecommunications:
Operators (Telcos): Claro, Tigo, Movistar, and WOM. This enables the association of identities with mobile numbers—a capability fundamental to SIM hijacking (line hijacking) attacks.
Comprehensive Healthcare: ADRES, EPS (Health Service Providers), and Insurance Companies (Sura, Seguros Bolívar).

🏴‍☠️ Underground Sources (Dark Web):
Integration with historical data breaches and records derived from "Infostealers" (malware designed to steal passwords and browser cookies from infected systems).

💸 IMPACT ON FINANCIAL INVESTIGATIONS AND CRIMINAL TTPs

The integration of queries directed at credit bureaus (Datacrédito, TransUnion) and banking institutions transforms this bot into a lethal weapon against the financial sector. Attackers leverage this infrastructure to execute the following Tactics, Techniques, and Procedures (TTPs):
SIM Swapping Fraud: Armed with Telco data and the victim's full identity, the scammer impersonates the victim—either in person at a retail branch or over the phone—to port the phone number to a new SIM card, thereby intercepting one-time passwords (OTPs) sent via SMS by banks.
Highly Personalized Extortion: Criminals select victims based on their tax filings (DIAN) or vehicle ownership records (RUNT). These extortion calls feature specific details regarding the victim's vehicles, immediate family members, and home address, thereby drastically increasing the likelihood of payment through intimidation.

#CyberSecurity #Colombia #CrimeAsAService #OSINT #DataBreach #FinancialFraud #ThreatIntelligence #CiberAlerta #VECERT #Infosec #SIMSwapping
1
50
115
15,911
May 25
Replying to @orangie @OnlyTerp
vibecoding and larping and simswapping 👀👀
223
nobody is simswapping u dw about it, just change ur apple acc passwords and disconnect all sessions
19
Replying to @JohnnyDeppmbuf
i have to do with simswapping so no telnr is to trust
1
8
#USA4USA #USA #deathtower #6G with #5G #4G #LTE etc again just asking...#deathtower #6G &/or devices #illegal in #USA still? If so can #USA #LawEnforcement etc use their #7G etc #StingRay program #2catch #2arrest etc #6G etc in #USA? #EndSIMswapping #EndSwappingSIM #simswapping
Cellular networks are under attack from Chinese hackers and commercial surveillance vendors. Although the vulnerable SS7 protocol was replaced by a more secure Diameter protocol in 4G and 5G, operators have failed to implement it or failed to implement it properly. As a result, our cellular systems are vulnerable to attack from some less than advanced attackers. This includes DoS, eavesdropping, and location services.
1
2
3
222
3/11 Seconds later: dead signal. My mobile line of more than 10 years passed into the hands of a stranger in real time. @ClaroColombia changed the ownership of my line and handed it over to the criminals. With that they could access the OTPs that the banks send. The famous #SIMSwapping
1
99
1/11 🚨 Did you know that a mobile operator can hand your phone number over to a criminal in minutes, breaking all your digital security and emptying your accounts? I'm opening a thread on how I was the victim of a #SIMSwapping attack and the absolute negligence of @ClaroColombia
1
47
Replying to @Nujagoat
and the simswapping of uzi fans
101
it is very difficult for me now because of the simswapping to have good conversations so only by email i can respond
1
2
my problem is the cybercrime and simswapping now so it has to be in one other way
2
4