Security Research Institute says Salt Typhoon, a Chinese government -related hacking group, continues to compromise the telecommunication providers despite the recent sanctions imposed by the US government.
In a shared report with TechCrunch, Theatring Intelligence Firm said Future observed Salt Typhoon, which violated five telecommunications companies between December 2024 and January 2025.
In September, Salt Typhoon penetrated the group to various US telephone and Internet giants, including AT & T and Verizon, to create a headline for access to personal communications of US government officials and political figures.
Salt Typhoon was also able to potentially access the system that the law enforcement agency used to collect the court approved customer data and access sensitive data such as the identity of the Chinese goal of the US.
The recorded future said that it did not reveal the name of Salt Typhoon’s latest victims, but included a subsidiary based in the United States of a prominent British telecommunications provider. Italy, South Africa and Thailand’s US Internet service providers and telecommunications companies.
The hackers also performed Reconnaissance, a practice of secretly discovering and collecting information about the system for various infrastructure assets operated by Myanmar -based telecommunications provider Mytel.
To carry out these attacks, Salt Typhoon used two vulnerabilities (tracking to CVE-20232-0198 and CVE-2023-20273) to damage the unpatched CISCO device that executed the Cisco iOS XE software. The hacking group has attempted to compromise more than 1,000 CISCO devices worldwide, especially on devices related to networks of telecommunications suppliers, Future said.
The recorded Future also said it has also observed a salt typhoon targeting device related to universities, including the University of California and Utah. The researchers said that the hacking group would have targeted these universities to approach research in fields related to telecommunications, engineering and technology.
The US government has sanctioned a group related to the group. In January, the US Treasury, which was targeted by the Chinese government hacker, said it has sanctioned China -based cyber security firms, known as the Sichuan Juxinhe Network technology.
The recorded Future researchers expect Salt Typhoon a goal for telecommunications suppliers elsewhere and elsewhere.
