Chinese hackers target telecom companies worldwide

San Francisco: A hacking group, believed to be working out of China, is reportedly targeting telecom companies around the world in a bid to steal 5G technology secrets, among other sensitive information.

Telecommunications providers in Southeast Asia, Europe and the US are being targeted as part of the campaign uncovered by researchers at cybersecurity company McAfee, ZDNet reported on Tuesday.

The campaign has believed to have targeted at least 23 telecommunications companies.

However, it is not clear how many of these targeted companies have actually been compromised.

The group behind the campaign is dubbed Operation Dianxun.

The tactics, techniques and procedures (TTPs) used in the attack are like those observed in earlier campaigns publicly attributed to the threat actors RedDelta and Mustang Panda. 

Most probably this threat is targeting people working in the telecommunications industry and has been used for espionage purposes to access sensitive data and to spy on companies related to 5G technology, McAfee said in a blog post.

While the initial vector for the infection is not entirely clear, the McAfee cybersecurity team believes that victims were lured to a domain under control of the threat actor, from which they were infected with malware which the threat actor leveraged to perform additional discovery and data collection. 

“It is our belief that the attackers used a phishing website masquerading as the Huawei company career page,” explained McAfee regional solutions architect, Andrea Rossini.

However, Huawei itself is not involved in the cyber-espionage campaign, according to the researchers.