Middle Eastern telecommunications providers have been targeted in a new cyberespionage campaign associated with Operation Soft Cell, which has been led by Chinese state-sponsored threat operation Gallium, reports The Hacker News.
Aside from leveraging the PingPull backdoor, which features extensive obfuscation capabilities, the attackers also used a custom Mimikatz variant dubbed "mim221" that includes novel detection evasion features in the latest campaign. The campaign was ultimately unsuccessful but indicated the continuous evolution of Chinese threat actors' malware arsenal, according to a report from SentinelOne and QGroup.
However, SentinelOne SentinelLabs Senior Director Juan Andres Guerrero-Saade noted that the latest Soft Cell activity was not associated with attacks by other Chinese hacking groups WIP26 and BackdoorDiplomacy against telecommunications firms in the Middle East.
"Chinese cyberespionage threat actors are known to have a strategic interest in the Middle East... These threat actors will almost certainly continue exploring and upgrading their tools with new techniques for evading detection, including integrating and modifying publicly available code," said the report.
Middle East telecom providers subjected to Chinese cyberespionage attacks