Safety researchers say the Chinese language government-linked hacking group, Salt Hurricane, is continuous to compromise telecommunications suppliers, regardless of the recent sanctions imposed by the U.S. government on the group.
In a report shared with TechCrunch, menace intelligence agency Recorded Future stated it had noticed Salt Typhoon — which the corporate tracks as “RedMike” — breaching 5 telecommunications companies between December 2024 and January 2025.
Salt Hurricane made headlines final September after it was revealed that the group had infiltrated a number of U.S. telephone and web giants, together with AT&T and Verizon, to realize entry to the personal communications of senior U.S. authorities officers and political figures.
Salt Hurricane additionally hacked into the systems that regulation enforcement businesses use for court-authorized assortment of buyer knowledge, probably accessing delicate knowledge such because the identities of Chinese language targets of U.S. surveillance.
Recorded Future declined to call Salt Hurricane’s newest victims, however stated they embrace a U.S.-based affiliate of a outstanding U.Okay. telecommunications supplier; a U.S. web service supplier, and telecommunications corporations in Italy, South Africa and Thailand.
The hackers additionally carried out reconnaissance — the apply of covertly discovering and accumulating details about a system — on a number of infrastructure belongings operated by Myanmar-based telecommunications supplier, Mytel, in response to Recorded Future.
To hold out these assaults, Salt Hurricane exploited two vulnerabilities (tracked as CVE-20232-0198 and CVE-2023-20273) to compromise unpatched Cisco gadgets working Cisco IOS XE software program. The hacking group has tried to compromise greater than 1,000 Cisco gadgets globally, focusing significantly on gadgets related to telecommunications suppliers’ networks, Recorded Future stated.
Recorded Future stated it had additionally noticed Salt Hurricane concentrating on gadgets related to universities, together with the College of California and Utah Tech. The researchers stated the hacking group “probably focused these universities to entry analysis in areas associated to telecommunications, engineering, and expertise.”
The U.S. authorities has sanctioned corporations linked to the group. In January, the U.S. Treasury Division — itself targeted by Chinese government hackers not too long ago — stated it had sanctioned a China-based cybersecurity firm referred to as Sichuan Juxinhe Community Expertise, which it says is instantly linked to Salt Hurricane.
Recorded Future’s researchers say regardless of this motion, it expects Salt Hurricane to proceed concentrating on telecommunications suppliers within the U.S. and elsewhere.
Trending Merchandise
