zCat on Nostr: Salt Typhoon hackers backdoor telcos with new GhostSpider malware The Chinese ...
Salt Typhoon hackers backdoor telcos with new GhostSpider malware
The Chinese state-sponsored hacking group Salt Typhoon has been observed utilizing a new "GhostSpider" backdoor in attacks against telecommunication service providers.
The backdoor was discovered by Trend Micro, which has been monitoring Salt Typhoon's attacks against critical infrastructure and government organizations worldwide.
Along with GhostSpider, Trend Micro discovered that the threat group also uses a previously documented Linux backdoor named 'Masol RAT,' a rootkit named 'Demodex,' and a modular backdoor shared among Chinese APT groups named 'SnappyBee.'
See more: https://www.bleepingcomputer.com/news/security/salt-typhoon-hackers-backdoor-telcos-with-new-ghostspider-malware/
#cybersecurity #salttyphoon #ghostspider
quoting nevent1q…qja4
China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks
A new China-linked cyber espionage group has been attributed as behind a series of targeted cyber attacks targeting telecommunications entities in South Asia and Africa since at least 2020 with the goal of enabling intelligence collection.
Cybersecurity company CrowdStrike is tracking the adversary under the name Liminal Panda, describing it as possessing deep knowledge about telecommunications networks, the protocols that undergird telecommunications, and the various interconnections between providers.
The threat actor's malware portfolio includes bespoke tools that facilitate clandestine access, command-and-control (C2), and data exfiltration.
See more:
The Hacker News: https://thehackernews.com/2024/11/china-backed-hackers-leverage-sigtran.html
Infosecurity Magazine: https://www.infosecurity-magazine.com/news/tmobile-breached-chinese/
#cybersecurity #c2 #hack #SaltTyphoon