Security researchers say the Chinese government-linked hacking group, Salt Typhoon, is continuing to compromise telecommunications providers, despite the recent sanctions imposed by the U.S. government on the group.

In a report shared with TechCrunch, threat intelligence firm Recorded Future said it had observed Salt Typhoon — which the company tracks as “RedMike” — breaching five telecommunications firms between December 2024 and January 2025.

Salt Typhoon made headlines last September after it was revealed that the group had infiltrated several U.S. phone and internet giants, including AT&T and Verizon, to gain access to the private communications of senior U.S. government officials and political figures.

Salt Typhoon also hacked into the systems that law enforcement agencies use for court-authorized collection of customer data, potentially accessing sensitive information such as the identities of Chinese targets of U.S. surveillance.

Recorded Future declined to name Salt Typhoon’s latest victims but said they include a U.S.-based affiliate of a prominent U.K. telecommunications provider, a U.S. internet service provider, and telecommunications companies in Italy, South Africa, and Thailand.

The hackers also performed reconnaissance — the practice of covertly discovering and collecting information about a system — on multiple infrastructure assets operated by Myanmar-based telecommunications provider Mytel, according to Recorded Future.

To carry out these attacks, Salt Typhoon exploited two vulnerabilities (tracked as CVE-2023-20198 and CVE-2023-20273) to compromise unpatched Cisco devices running Cisco IOS XE software. The hacking group has attempted to compromise more than 1,000 Cisco devices globally, focusing particularly on devices associated with telecommunications providers’ networks, Recorded Future said.

Recorded Future also said it had observed Salt Typhoon targeting equipment associated with universities, including the University of California and Utah Tech. The researchers said the hacking group “possibly targeted these universities to access research in areas related to telecommunications, engineering, and technology.”

The U.S. government has sanctioned companies linked to the group. In January, the U.S. Treasury Department — itself recently targeted by Chinese government hackers — said it had sanctioned a China-based cybersecurity company known as Sichuan Juxinhe Network Technology, which it said is directly linked to Salt Typhoon.

Recorded Future’s researchers say that despite this action, they expect Salt Typhoon to continue targeting telecommunications providers in the U.S. and elsewhere.