Salt Typhoon hacking campaign which has affected more than 8 US telecom networks and is allowing Chinese hackers to spy on Americans text messages and phone calls. US authorities recommend using encrypted messaging apps to protect yourself until the issue can be resolved. Read more about SparrowDoor malware https://www.ncsc.gov.uk/static-assets...
Cybersecurity Threat
-
Chinese hackers linked to the Ministry of State Security have compromised 8+ US telecom networks, enabling them to spy on Americans' text messages and phone calls as part of the Salt Typhoon campaign.
-
The SparrowDoor malware used in this campaign is a persistent backdoor and loader targeting Windows systems, communicating via HTTPS and creating a reverse shell for real-time remote access.
Protection Measures
-
US authorities recommend using end-to-end encrypted messaging apps like Signal to protect communications until the issue is resolved.
-
Users should stop using text messages or phone calls for two-factor authentication and switch to authenticator apps to prevent potential SIM swapping attacks.
Broader Context
- The Salt Typhoon campaign, also known as Ghost Emperor, Famous Sparrow, and UNCC 2286, is an advanced persistent threat primarily focused on intelligence gathering and stealing research secrets from military and private sector networks.