Salt Typhoon targets telcos again with backdoor GhostSpider malware




  • Trend Micro discovers brand new backdoor called GhostSpider
  • It can exfiltrate sensitive data and tamper with the OS
  • It was used by a Chinese state-sponsored threat actor known as Salt Typhoon

Infamous Chinese state-sponsored threat actor Salt Typhoon has been seen using a brand new backdoor malware to target telecommunication service providers.

A report from cybersecurity professionals Trend Micro analyzed the backdoor, called GhostSpider, noting it is used in long-term cyber-espionage operations, with its key stealth mechanisms include remaining exclusively in memory, and encrypting its communication with the C2 server.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *