Chinese hackers use custom malware to spy on US telecom networks

The Chinese state-sponsored Salt Typhoon hacking group uses a custom utility called JumbledPath to stealthily monitor network traffic and potentially capture sensitive data in cyberattacks on U.S. telecommunication providers. Salt Typhoon (aka Earth Estries, GhostEmperor, and UNC2286) is a sophisticated hacking group active since at least 2019, primarily focusing on breaching government entities and telecommunications companies. Recently, the U.S. authorities have confirmed that Salt Typhoon was behind several successful breaches of telecommunication service providers in the U.S., including Verizon, AT&T, Lumen Technologies, and T-Mobile. It was later revealed that Salt Typhoon managed to tap into the private communications of some U.S. government officials and stole information related to court-authorized wiretapping requests. Last week, the Recorded Future's Insikt Group reported that Salt Typhoon targeted over 1,000 Cisco network devices, more than half from the U.S., South Amer ... Read full article.