Chinese state-sponsored threat operation Volt Typhoon reportedly targeted major Singaporean mobile carrier Singapore Telecommunications, with intelligence obtained from such an intrusion then leveraged by the hacking group to compromise U.S. and other Western critical infrastructure, according to BNN Bloomberg.
Attackers behind the Singtel breach utilized a web shell, noted sources close to the matter. Such a webshell was previously reported by Lumen researchers to have been planted on an anonymous Singaporean entity to secure credentials that were later used to infiltrate four U.S.-based organizations and an India-based entity. Despite having been impacted by a malware intrusion in June, Singtel did not have its data or services compromised, noted a spokesperson, who neither confirmed nor denied the attack to be the one reportedly launched by Volt Typhoon. Such a development comes after another Chinese state-backed group Salt Typhoon was reported to have breached AT&T and Verizon, enabling the compromise of devices belonging to the campaigns of former President Donald Trump and Vice President Kamala Harris.