A hacker gained administrative entry to the community administration system of Fibex Telecom, a Venezuelan web supplier with roughly 390,000 energetic clients, based on the cybersecurity agency VECERT Analyzer on April 7. The attacker, recognized as ‘x00x01x01’, printed proof of that entry on X, together with screenshots of the panel that controls the corporate’s fiber optic infrastructure and person names.
The alleged hacker additionally posted a video on X that he claims exhibits that took management over the supplier’s providersand included Fibex usernames as a part of the assessments.
The hacker accompanied the publication with a message that mixes an accusation and a risk: «Fibex Telecom passes its purchasers’ site visitors by way of Chinese language gadgets on Cantv (dpi). Ought to I flip every part off?
With that phrase, the attacker claims that Fibex routes its customers’ shopping by way of tools put in at Cantv, Venezuela’s state telecommunications firm, the place deep packet inspection (DPI) could be utilized, a method that permits monitoring and analyzing the content material of web site visitors.
Having taken management of the Fibex administration panel, the attacker claims to have entry to that infrastructure chain, which might give him the means to depart a whole lot of 1000’s of customers with out web service.
A Venezuelan information account reported that Fibex Telecom issued a press release by which ensured regular operation of its platform and claimed to have “the very best safety protocols”, though CriptoNoticias couldn’t confirm that assertion.
What permits entry to the compromised panel?
The system compromised in Fibex is SmartOLT, a fiber optic infrastructure administration panel that means that you can remotely handle the tools that distributes the web sign to finish customers. Whoever accesses that panel can management which customers are logged in, authorize or disconnect gadgetsmodify community configurations and entry diagnostic knowledge of the nodes.
In easy phrases: entry to the panel is equal to having the keys to the management room of the whole community. With this entry, an attacker can selectively or massively interrupt the service with out requiring bodily intervention within the infrastructure.
In response to VECERT, the affected nodes correspond to areas of Pastora, La Victoria, Tipuro, San Juan de los Morros and Los Samaneswith tools from producers Huawei and ZTE.
The evaluation agency’s report additionally emphasizes that the hacker has the power to remotely disconnect customers, modify gadget authorizations, entry community diagnostics and acquire geolocation knowledge and operational standing of important nodes.
A digital ecosystem below recurring assault
The Fibex Telecom incident It isn’t an remoted case within the Venezuelan digital ecosystem. As reported by CriptoNoticias, on March 16 VECERT Analyzer alerted a few knowledge leak of greater than 56,000 BT Journey Venezuela purchasers, attributed to the actor generally known as “malconguerra2”, the identical particular person chargeable for the hack of Cashea, a Venezuelan fintech compromised in February 2026 with a database of roughly 46.5 GB and greater than 79 million data.
In these circumstances add others reported by CriptoNoticias in March: Hacker “GordonFreeman” leaked knowledge from Yummy Rides and Rapikom, the drain of over $300,000 in USDC from Kontigo in January, and the MedusaBlog group’s assault on Digitel in February 2024, which included a ransom demand for $5 million in Bitcoin.
The sample that emerges is that of a digital ecosystem with recurring publicity to risk actors working with totally different goals: from the theft of private and monetary knowledge to entry to important telecommunications infrastructure. In not one of the latest circumstances did the affected corporations situation official statements earlier than the knowledge was printed by exterior safety researchers.
