Security News > 2021 > August > DeadRinger: A Three-Pronged Attack by Chinese Military Actors against Major Telcos

DeadRinger: A Three-Pronged Attack by Chinese Military Actors against Major Telcos
2021-08-03 04:00

Researchers have discovered three separate Chinese military affiliated advanced threat groups simultaneously targeting and compromising the same Southeast Asian telcos.

The attack groups concerned are Soft Cell, Naikon, and a third group, possibly Emissary Panda.

Following the March 2021 news of the Hafnium group using previously unknown Microsoft Exchange exploits, researchers have been examining other attacks against Exchange Server installations.

Today, Cybereason released details of a triple-pronged attack by Chinese military-affiliated groups against cellular network providers in southeast Asia.

The three groups targeting the telcos are Soft Cell, Naikon, and possibly Emissary Panda.

The surprising feature, apart from their stealthy duration, is that three groups, all associated with the Chinese government and often sharing TTPs, have attacked the same targets at the same time - and have even been seen on the same endpoints simultaneously.


News URL

http://feedproxy.google.com/~r/securityweek/~3/5y_WhvgvrlA/deadringer-three-pronged-attack-chinese-military-actors-against-major-telcos