Security News > 2021 > March > McAfee, the company, says Chinese attackers targeted Asian and US telcos
Security vendor McAfee has detected an attack it believes was likely aimed at telecoms companies in the hope of stealing information related to 5G networks.
McAfee has named the attack "Operation Diànxùn" and says it resembles past attacks perpetrated by groups named RedDelta and Mustang Panda.
The attack begins, McAfee's researchers assert, with visits to a faked Huawei careers page.
"One of the main differences from past attacks is the lack of use of the PlugX backdoor. However, we did identify the use of a Cobalt Strike backdoor," the researchers write.
McAfee telemetry suggested "Possible targets based in Southeast Asia, Europe, and the US were discovered in the telecommunication sector" along with "Strong interest in German, Vietnamese and India telecommunication companies."
McAfee also suggests the attack should not be vastly difficult to defend, by - surprise! - using its products.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/03/18/operation_dianxun/
Related news
- US says Chinese hackers breached multiple telecom providers (source)
- Reminder: China-backed crews compromised 'multiple' US telcos in 'significant cyber espionage campaign' (source)
- Chinese cyberspies, Musk’s Beijing ties, labelled ‘real risk’ to US security by senator (source)
- China has utterly pwned 'thousands and thousands' of devices at US telcos (source)
- Salt Typhoon's surge extends far beyond US telcos (source)
- 8 US telcos compromised, FBI advises Americans to use encrypted communications (source)
- Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday' (source)
- US sanctions Chinese firm for hacking firewalls in ransomware attacks (source)
- US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks (source)
- US names Chinese national it alleges was behind 2020 attack on Sophos firewalls (source)