Sustained Campaign Using Chinese Espionage Tools Targets Telcos


Attackers using tools associated with Chinese espionage groups have breached multiple telecom operators in a single Asian country in a long-running espionage campaign.

The attackers placed backdoors on the networks of targeted companies and also attempted to steal credentials. The attacks have been underway since at least 2021, with evidence to suggest that some of this activity may even date as far back as 2020. Virtually all of the organizations targeted were telecoms operators, with the addition of a services company that serves the telecoms sector and a university in another Asian country.

Read more…
Source: Symantec


Sign up for our Newsletter


Related:

  • Ukraine sacks ‘corrupt’ cyber defence chiefs

    November 21, 2023

    Ukraine has sacked two top cyber defence officials after they were charged with orchestrating a multi-million pound embezzlement scheme. Yurii Shchyhol and Viktor Zhora, the head and deputy of the Service of Special Communications and Information Protection of Ukraine (SSSCIP), are accused of inflating the value of a software deal for personal gain by £1.4million ($1.7million). Read ...

  • #StopRansomware: Rhysida Ransomware

    November 15, 2023

    The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the MultiState Information Sharing and Analysis Center (MS-ISAC) are releasing this joint CSA to disseminate known Rhysida ransomware IOCs and TTPs identified through investigations as recently as September 2023. Rhysida – an emerging ransomware variant – has predominately been deployed against the education, ...

  • #StopRansomware: Royal Ransomware Update

    November 13, 2023

    The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint CSA to disseminate known Royal ransomware IOCs and TTPs identified through FBI threat response activities as recently as June 2023. Since approximately September 2022, cyber threat actors have compromised U.S. and international organizations with Royal ransomware. FBI and ...

  • Australia: Telcos required to report on cybersecurity measures in bid to prevent repeat of 2022 Optus hack

    November 13, 2023

    Australia’s telecommunications companies will be hit with new rules forcing them to update the federal government on their cybersecurity regimes, with the Home Affairs minister worried they have been left to manage their own affairs with limited oversight. Last year’s massive Optus cyber attack forced the issue into the public spotlight, fuelling serious concerns about the ...

  • Judge rules it’s fine for car makers to intercept your text messages

    November 9, 2023

    A federal judge has refused to bring back a class action lawsuit that alleged four car manufacturers had violated Washington state’s privacy laws by using vehicles’ on-board infotainment systems to record customers’ text messages and mobile phone call logs. Car manufacturers Honda, Toyota, Volkswagen, and General Motors were facing five related privacy class action suits. One ...

  • Gaza in communications blackout as Israel intensifies siege

    October 27, 2023

    The destruction of phone and internet connections has plunged Gaza into a communications blackout and created an information vacuum amid the heaviest aerial bombardment of the war so far. A handful of reports that emerged from the enclave on Saturday depicted chaos and anguish as paramedic teams and aid agencies struggled to coordinate rescue and ...