China (APT10): A new campaign called Operation Soft Cell has been announced, and it has been going on for years. Being carried out by the Chinese Cyberespionage group APT10, it has been reported that they have managed to break into the systems of different mobile telecommunications companies. Although not actually accessing the communications of victims, the group still managed to get SIM card information, call records and cell tower location, which is enough information for the group to get an insight into one’s life. This information alone would allow the attackers to see where one works, routes they drive, when they wake up and go to bed and along with this, they can begin to build a profile about that person along with identifying family members and co-workers. The group managed to gain a foothold into the networks of these cellular carriers eventually making their own tunnel to access the networks whenever they wanted. An attack like this, which targeted so many companies for so long at once, is a reason to believe that this is a state-sponsored attack, along with not one, but multiple different samples of software which were found in the networks which can be linked back to Chinese actors.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased