Salt Typhoon targets telcos again with backdoor GhostSpider malware

Salt Typhoon targets telcos again with backdoor GhostSpider malware




  • Trend Micro discovers brand new backdoor called GhostSpider
  • It can exfiltrate sensitive data and tamper with the OS
  • It was used by a Chinese state-sponsored threat actor known as Salt Typhoon

Infamous Chinese state-sponsored threat actor Salt Typhoon has been seen using a brand new backdoor malware to target telecommunication service providers.

A report from cybersecurity professionals Trend Micro analyzed the backdoor, called GhostSpider, noting it is used in long-term cyber-espionage operations, with its key stealth mechanisms include remaining exclusively in memory, and encrypting its communication with the C2 server.



Source link

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *