#salt-typhoon

#salt-typhoon

Salt Typhoon, also known as Earth Estries, FamousSparrow, GhostEmperor, and UNC5807, is the name given to an advanced persistent threat actor with ties to China. Known to be active since 2019, the group gained prominence last year following its attacks on telecommunications services providers, energy networks, and government systems in the U.S. The adversary has a track record of exploiting security flaws in edge devices, maintaining deep persistence, and exfiltrating sensitive data from victims in more than 80 countries across

Salt Typhoon is an espionage gang linked to the People's Republic of China that hacked America's major telecommunications firms and stole metadata and other information belonging to " nearly every American," according to a top FBI cyber official who spoke with The Register about the intrusions. The crew's actions against US telcos came to light last year; however, it has been active since at least 2019.

The agency tasked with protecting the president and vice president did not share evidence of a specific plot or threat against world leaders during the annual gathering. However, the U.S. Secret Service Director Sean Curran said that the "potential" for damage was significant, ranging from disabling regional cellphone towers to facilitating communications between criminals and foreign adversaries. The network could also likely be used for espionage.

Salt Typhoon is the People's Republic of China spying gang that hacked America's major telecommunications firms and stole metadata and other information belonging to " nearly every American," according to a top FBI cyber official who spoke with The Register about the intrusions. UNC4841 is best known for a series of 2023 attacks that targeted CVE-2023-2868, a critical bug in some Barracuda Email Security Gateways, to deploy custom malware and maintain access to high-value networks, about a third of which belonged to government organizations.