Chinese state hackers target telcos with new malware toolkit
Summary
A China-linked threat actor, UAT-9244, has been actively targeting telecommunication providers in South America since 2024. They have developed and deployed a new malware toolkit that compromises Windows, Linux, and network-edge devices.
IFF Assessment
FOE
This is bad news for defenders as a sophisticated state-sponsored actor is actively targeting critical infrastructure with advanced malware.
Defender Context
Defenders should be aware of this new threat actor and their focus on telecommunication providers. Organizations should enhance their detection and response capabilities for compromised Windows, Linux, and network devices, especially if operating in or connected to South America.