A hacker gained administrative entry to the community administration system of Fibex Telecom, a Venezuelan web supplier with roughly 390,000 energetic clients, in line with the cybersecurity agency VECERT Analyzer on April 7. The attacker, recognized as ‘x00x01x01’, revealed proof of that entry on X, together with screenshots of the panel that controls the corporate’s fiber optic infrastructure and person names.
The alleged hacker additionally posted a video on X that he claims reveals that took management over the supplier’s providersand included Fibex usernames as a part of the exams.
The hacker accompanied the publication with a message that mixes an accusation and a risk: «Fibex Telecom passes its shoppers’ site visitors via Chinese language gadgets on Cantv (dpi). Ought to I flip all the pieces off?
With that phrase, the attacker claims that Fibex routes its customers’ looking via gear put in at Cantv, Venezuela’s state telecommunications firm, the place deep packet inspection (DPI) can be utilized, a way that enables monitoring and analyzing the content material of web site visitors.
Having taken management of the Fibex administration panel, the attacker claims to have entry to that infrastructure chain, which might give him the means to depart tons of of 1000’s of customers with out web service.
A Venezuelan information account reported that Fibex Telecom issued a press release through which ensured regular operation of its platform and claimed to have “the best safety protocols”, though CriptoNoticias couldn’t confirm that assertion.
What permits entry to the compromised panel?
The system compromised in Fibex is SmartOLT, a fiber optic infrastructure administration panel that permits you to remotely handle the gear that distributes the web sign to finish customers. Whoever accesses that panel can management which customers are logged in, authorize or disconnect gadgetsmodify community configurations and entry diagnostic knowledge of the nodes.
In easy phrases: entry to the panel is equal to having the keys to the management room of your entire community. With this entry, an attacker can selectively or massively interrupt the service with out requiring bodily intervention within the infrastructure.
In response to VECERT, the affected nodes correspond to areas of Pastora, La Victoria, Tipuro, San Juan de los Morros and Los Samaneswith gear from producers Huawei and ZTE.
The evaluation agency’s report additionally emphasizes that the hacker has the flexibility to remotely disconnect customers, modify machine authorizations, entry community diagnostics and procure geolocation knowledge and operational standing of important nodes.
A digital ecosystem below recurring assault
The Fibex Telecom incident It’s not an remoted case within the Venezuelan digital ecosystem. As reported by CriptoNoticias, on March 16 VECERT Analyzer alerted a few knowledge leak of greater than 56,000 BT Journey Venezuela shoppers, attributed to the actor often called “malconguerra2”, the identical individual liable for the hack of Cashea, a Venezuelan fintech compromised in February 2026 with a database of roughly 46.5 GB and greater than 79 million information.
In these circumstances add others reported by CriptoNoticias in March: Hacker “GordonFreeman” leaked knowledge from Yummy Rides and Rapikom, the drain of over $300,000 in USDC from Kontigo in January, and the MedusaBlog group’s assault on Digitel in February 2024, which included a ransom demand for $5 million in Bitcoin.
The sample that emerges is that of a digital ecosystem with recurring publicity to risk actors working with completely different targets: from the theft of private and monetary knowledge to entry to important telecommunications infrastructure. In not one of the latest circumstances did the affected corporations subject official statements earlier than the knowledge was revealed by exterior safety researchers.
