DeadRinger: A Three-Pronged Attack by Chinese Military Actors against Major Telcos
Researchers have discovered three separate Chinese military-affiliated advanced threat groups simultaneously targeting and compromising the same Southeast Asian telcos.
The attack groups concerned are Soft Cell, Naikon, and a third group, possibly Emissary Panda.
Following the March 2021 news of the Hafnium group using previously unknown Microsoft Exchange exploits, researchers have been examining other attacks against Exchange Server installations.
Today, Cybereason released details of a triple-pronged attack by Chinese military-affiliated groups against cellular network providers in Southeast Asia.
The three groups targeting the telcos are Soft Cell, Naikon, and possibly Emissary Panda.
The surprising feature, apart from their stealthy duration, is that three groups, all associated with the Chinese government and often sharing TTPs, have attacked the same targets at the same time - and have even been seen on the same endpoints simultaneously.