Security researchers say that the Chinese government -related hacking group, Salt Typhoon, telecommunications providers will continue to compromise, despite the recent sanctions imposed on the group by the US government.
In a report that was shared with JS, said Threat Intelligence company Future, said the Salt Typhoon had noticed – that the company follows as “Redmike” – which broke five telecommunication companies between December 2024 and January 2025.
Salt Typhoon made the headlines last September after it was revealed that the group had infiltrated various American telephone and internet giants, including AT&T and Verizon, to gain access to the private communication of high American government officials and political figures.
Zout typhone has also hacked the systems that use law enforcement agencies for collecting customer data from the court, which may have access to sensitive data such as the identities of Chinese goals of the American monitoring.
Future refused to call the newest victims of Salt Typhoon, but said that they include a branch -based branch of a prominent British telecommunications provider; An American internet provider and telecommunication companies in Italy, South Africa and Thailand.
The hackers also performed exploration of the practice of secret discovery and collecting information about a system-on multiple infrastructure assets managed by Myanmar-based telecommunications provider, Mytel, according to recorded future.
To carry out these attacks, SALT Typhoon operated two vulnerabilities (followed as CVE-20232-0198 and CVE-2023-20273) to jeopardize non-patched Cisco devices with Cisco iOS XE software. The hacking group has tried to jeopardize more than 1,000 Cisco devices worldwide, in particular aimed at devices related to the networks of telecommunications, Future said.
Recorded Future said it also had Salt Typhoon -targeting devices observed associated with universities, including the University of California and Utah Tech. The researchers said that the hacking group “these universities might have focused on research in areas with regard to telecommunications, engineering and technology.”
The US government has punished companies that are related to the group. In January, the US Department of Finance himself said the target of the Chinese government hackers on it on the China that it had a cyber security company that was known as Sichuan Juxinhe Network Technology, which it says is directly linked to Salt Typhoon.
Recorded Future’s researchers say that despite this action, Salt Typhoon expects to continue to focus on telecommunications providers in the US and elsewhere.
