- Salt Typhoon allegedly compromised emails of staffers on the US House Committee on China, Foreign Affairs and Defense
- The extent of the intrusion is still unclear; The FBI and the White House have not commented publicly
- The group is part of China’s “Typhoon” nexus, known for telecommunications breaches
Salt Typhoon, a notorious Chinese state-sponsored threat actor best known for its intrusions into Western telecommunications companies, was once again found snooping on Western communications.
This time, they were allegedly seen compromising emails used by staffers on “powerful committees of the US House of Representatives”. Earlier this week, the Financial Times reported on the findings, citing people familiar with the matter, who said the attackers gained access to email systems used by some staff on the House China committee.
In addition, aides on panels covering foreign affairs, intelligence and the armed forces were also targeted. However, specific names were not disclosed.
Who is Salt Typhoon?
What is also unclear is the scope of the incident and the depth to which the attackers were able to penetrate systems. It is apparently unclear whether the attackers accessed the emails of elected officials or only staff.
The FBI and the White House have yet to comment on the reports, while Chinese embassy spokesman Liu Pengyu called them “baseless speculation and allegations.”
Salt Typhoon is a Chinese state-sponsored threat actor, and part of a wider network of “Typhoon” groups – including Brass Typhoon, Volt Typhoon and Flax Typhoon. These groups are tasked with conducting cyber attacks that align with Chinese state interests – cyber espionage, data theft, and sustained access to critical infrastructure.
Last October, cybersecurity researchers Darktrace said they saw Salt Typhoon targeting communications networks in Europe, and before that they were seen breaching at least eight US telecoms, including T-Mobile, Verizon, AT&T and Lumen Technologies. Officials said Salt Typhoon’s victims are located in dozens of countries around the world, and they generally use stealthy techniques such as DLL sideloading and zero-day exploits.”
Whenever similar news breaks out, the Chinese vehemently deny all claims and instead point the finger at the US, describing it as the world’s biggest cyber bully.
Via Financial Times
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
