China-Linked Cyber-Espionage Group Mustang Panda is Targeting Telecommunications

Telecommunications

According to McAfee security researchers, the China-linked cyber-espionage organisation Mustang Panda is targeting telecommunications companies in Asia, Europe, and the United States for espionage purposes.

The threat actor, also known as RedDelta and TA416, has been linked to the targeting of individuals connected to the Vatican-China Communist Party diplomatic relations, as well as some entities in Myanmar.

According to McAfee, the latest malware attacks use the same methods, strategies, and procedures (TTPs) as Mustang Panda. The initial vector of infection has yet to be identified, but the researchers suspect that victims were lured to a fake website designed to look like Huawei’s official career site.

The first stage of the attack uses a fake Flash application and a phishing page that looks just like the original website, while the second stage uses a.

The net payload was used to further infiltrate the system by installing and handling backdoors. As a third stage, a Cobalt Strike beacon payload is shipped.

The new attacks, known as Operation Diànxùn, were directed at telecommunications companies in Southeast Asia, Europe, and the United States. According to McAfee, the adversary is particularly interested in German, Vietnamese, and Indian telecommunications firms.

“Given the use of the fake Huawei website, we have high confidence that this campaign was targeted at the telecommunications industry. “We have a modest degree of trust that the impetus behind this initiative is related to the global ban on Chinese technology in 5G deployment,” McAfee says.

SEE ALSO:
PokerTracker.com Hacked to Inject Payment Card Stealing Script

According to the researchers, the campaign was aimed at stealing confidential or classified information related to 5G technology. According to McAfee, there is no evidence that Huawei was knowingly involved in the attacks.

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post
vulnerability

Vulcan Cyber Today Announced Raised $21 Million in Series B Funding

Next Post
attack IoT devices

Weirdest and Wildest IoT Hacks

Related Posts