Executive Summary
Palo Alto’s Unit42 recently reported on PingPull, a RAT used by the Gallium threat actor group to target entities in the telecommunications, government, and financial verticals.
PingPull Targets Telecom, Government, and Financial Verticals
Jun 27, 2022 3:56:10 PM / by PolySwarm Tech Team posted in Threat Bulletin, Financial, Government, Telecommunications, PingPull, Gallium
BPFDoor Targets Linux Systems
May 20, 2022 2:44:39 PM / by PolySwarm Tech Team posted in Threat Bulletin, China, Linux, Red Menshen, BPFDoor, Telecommunications
Background
PwC Threat Intelligence recently reported on BPFDoor, a passive network implant for Linux targeting telecommunications providers. The activity was attributed to the Chinese nexus threat actor group Red Menshen.