Cyberwarfare: China-Linked UAT-7290 usually active in South Asia expands its espionage-focused intrusions into Southeastern Europe, targeting telecoms

thehackernews.com

Cyberwarfare: China-Linked UAT-7290 usually active in South Asia expands its espionage-focused intrusions into Southeastern Europe, targeting telecoms

thehackernews.com

Sepia@mander.xyz to

EuropeEnglish · 8 days ago

China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes

thehackernews.com

Cisco Talos reports China-linked UAT-7290 spying on telecoms since 2022 using Linux malware, edge exploits, and ORB infrastructure for access.

cross-posted from: https://mander.xyz/post/45241581

TL;DR:

China-linked threat actor UAT-7290 has been active since at least 2022 in South Asia but is now also active in Europe

It is focusing on intrusions against critical infrastructure entities in Southeast Europe

UAT-7290 shares tactical and infrastructure overlaps with China-linked adversaries known as Stone Panda and RedFoxtrot (aka Nomad Panda)

…

Here is the technical report by Cisco Talos

Web archive link

You must log in or # to comment.

Chat