Security News > 2021 > March > McAfee, the company, says Chinese attackers targeted Asian and US telcos
Security vendor McAfee has detected an attack it believes was likely aimed at telecoms companies in the hope of stealing information related to 5G networks.
McAfee has named the attack "Operation Diànxùn" and says it resembles past attacks perpetrated by groups named RedDelta and Mustang Panda.
The attack begins, McAfee's researchers assert, with visits to a faked Huawei careers page.
"One of the main differences from past attacks is the lack of use of the PlugX backdoor. However, we did identify the use of a Cobalt Strike backdoor," the researchers write.
McAfee telemetry suggested "Possible targets based in Southeast Asia, Europe, and the US were discovered in the telecommunication sector" along with "Strong interest in German, Vietnamese and India telecommunication companies."
McAfee also suggests the attack should not be vastly difficult to defend, by - surprise! - using its products.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/03/18/operation_dianxun/
Related news
- US Chip Export Rule Proposes Limits to Thwart Chinese GPUs (source)
- FBI wipes Chinese PlugX malware from over 4,000 US computers (source)
- FBI deletes Chinese PlugX malware from thousands of US computers (source)
- China's Salt Typhoon spies spotted on US govt networks before telcos, CISA boss says (source)
- US sanctions Chinese firm, hacker behind telecom and Treasury hacks (source)
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- US charges Chinese hackers linked to critical infrastructure breaches (source)