Cyber attackers are advancing their campaign in stealing sensitive information around the world with suspicious downloads, including 5G technology information from the telco companies. According to McAfee researchers, the cyber attackers are targeting telco companies in Southeast Asia, Europe, and the United States, the operation named Dianxun, this operation campaign also publicly attributed to RedDelta and Mustang Panda, both have a history of hacking, targeting many organizations in the world.
Both RedDelta and Mustang Panda are suspected to be actively exploiting at least 23 telecommunications providers since August 2020, however, the information on how many are hacked was not disclosed.
McAfee Advanced Threat Research (ATR) believes that cyber attackers are luring victims by using a malware domain, stealing information, data collecting, and discovering. McAfee ATR also believes that phishing was used with a disguised Huawei company career page, the design appearing to be indistinguishable, tricking victims into the site, the researchers emphasized that Huawei never involve in such a campaign.
A fake site is designed to deliver to users with the chance of acquiring sensitive data, it’s believed the design is meant to target those with 5G knowledge, stealing 5G information will bring tremendous benefit for cyber attackers to evolve their spiteful attacks. The analysis of attacks suggests that the campaign is still actively compromising telco companies with malicious domains.