Mastodawn

📰 China-Linked 'Red Menshen' APT Creates 'Digital Sleeper Cells' in Telecoms with BPFDoor

🇨🇳 China-linked APT 'Red Menshen' is planting stealthy BPFDoor backdoors in global telecom networks. The malware creates 'digital sleeper cells' for long-term espionage. 📡 #APT #BPFDoor #CyberEspionage

🔗 https://cyber.netsecops.io/articles/china-linked-apt-red-menshen-deploys-bpfdoor-in-global-telecom-networks/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

China-Linked 'Red Menshen' APT Creates 'Digital Sleeper Cells' in Telecoms with BPFDoor

A China-linked APT group, Red Menshen, is targeting telecommunications providers in the Middle East and Asia with a stealthy Linux backdoor called BPFDoor for long-term espionage.

CyberNetSec.io

securityaffairs 1d ago

#China-linked Red Menshen APT deploys stealthy #BPFDoor implants in #telecom networks
https://securityaffairs.com/190029/malware/china-linked-red-menshen-apt-deploys-stealthy-bpfdoor-implants-in-telecom-networks.html
#securityaffairs #hacking

China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks

China-linked Red Menshen APT group used stealthy BPFDoor implants in telecom networks to spy on government targets.

Security Affairs

CyberVeille.ch 1d ago

📢 BPFdoor : Red Menshen infiltre les réseaux télécoms mondiaux avec des implants furtifs
📝 ## 🔍 Contexte

Rapid7 Labs publie le 26 mars 2026 un rapport d'investigation approfondi sur une c...
📖 cyberveille : https://cyberveille.ch/posts/2026-03-26-bpfdoor-red-menshen-infiltre-les-reseaux-telecoms-mondiaux-avec-des-implants-furtifs/
🌐 source : https://www.rapid7.com/blog/post/tr-bpfdoor-telecom-networks-sleeper-cells-threat-research-report/
#BPFdoor #Cobalt_Strike #Cyberveille

BPFdoor : Red Menshen infiltre les réseaux télécoms mondiaux avec des implants furtifs

🔍 Contexte Rapid7 Labs publie le 26 mars 2026 un rapport d’investigation approfondi sur une campagne d’espionnage avancée ciblant les réseaux de télécommunications mondiaux. L’acteur identifié est Red Menshen, un groupe à nexus chinois (China-nexus), opérant sur le long terme avec des objectifs d’espionnage stratégique à haute valeur. 🎯 Cibles et objectifs Les cibles principales sont les opérateurs de télécommunications et les réseaux gouvernementaux. L’objectif est de positionner des accès persistants et dormants (« sleeper cells ») au cœur des infrastructures télécoms, permettant :

CyberVeille

The Threat Codex 1d ago

BPFdoor in Telecom Networks: Sleeper Cells in the Backbone
#BPFDoor #RedMenshen #CrossC2
https://www.rapid7.com/blog/post/tr-bpfdoor-telecom-networks-sleeper-cells-threat-research-report/

BPFdoor in Telecom Networks: Sleeper Cells in the backbone

A months-long investigation by Rapid7 Labs has uncovered evidence of an advanced China-nexus threat actor placing stealthy digital sleeper cells in telecommunications networks, in order to carry out high-level espionage – including against government networks. Read more in a new blog.

Rapid7

Yonhap Infomax News Dec 29

The Ministry of Science and ICT found similarities between BPFdoor malware attacks on SK Telecom and KT, but said it is difficult to confirm the same perpetrator; additional illegal femtocell intrusions are deemed unlikely after new security measures.
#YonhapInfomax #BPFdoor #KTCorp #SKTelecom #Cyberattack #FemtocellSecurity #Economics #FinancialMarkets #Banking #Securities #Bonds #StockMarket
https://en.infomaxai.com/news/articleView.html?idxno=97540

Ministry of Science and ICT Says 'SKT and KT BPFdoor Attacks Show Similarities—Difficult to Conclude Same Perpetrator' (Comprehensive Update 2)

The Ministry of Science and ICT found similarities between BPFdoor malware attacks on SK Telecom and KT, but said it is difficult to confirm the same perpetrator; additional illegal femtocell intrusions are deemed unlikely after new security measures.

Yonhap Infomax

Yonhap Infomax News Dec 29

South Korea's Ministry of Science and ICT found similarities between BPFdoor malware attacks on SK Telecom and KT, but said it is difficult to confirm the same perpetrator, citing open-source risks and lack of official attribution.
#YonhapInfomax #BPFdoor #SKTelecom #KT #Cyberattack #MinistryOfScienceAndICT #Economics #FinancialMarkets #Banking #Securities #Bonds #StockMarket
https://en.infomaxai.com/news/articleView.html?idxno=97533

Ministry of Science and ICT Says 'SKT and KT BPFdoor Attacks Show Similarities—Difficult to Conclude Same Perpetrator' (Comprehensive)

South Korea's Ministry of Science and ICT found similarities between BPFdoor malware attacks on SK Telecom and KT, but said it is difficult to confirm the same perpetrator, citing open-source risks and lack of official attribution.

Yonhap Infomax

Habr Aug 5, 2025

27 миллионов абонентов под угрозой: разбор крупнейшей кибератаки на корейский телеком

Что нужно, чтобы скомпрометировать данные 27 миллионов абонентов, обрушить акции телеком-гиганта и поставить под угрозу национальную безопасность одной из самых технологически развитых стран мира? Свежий zero-day? Квантовый компьютер? Гениальная социальная инженерия? Всего лишь веб-шелл, почти три года преступной халатности и один хитрый бэкдор. Неизвестные злоумышленники с июня 2022 года хозяйничали в критической инфраструктуре крупнейшего корейского сотового оператора. Под катом мы разберем эту громкую историю.

https://habr.com/ru/companies/bastion/articles/930716/

#атака #кибербезопасность #телеком #смартфоны #сотовая_связь #информционная_безопасность #тестирование_itсистем #BPFDoor #бэкдор

27 миллионов абонентов под угрозой: разбор крупнейшей кибератаки на корейский телеком

Что нужно, чтобы скомпрометировать данные 27 миллионов абонентов, обрушить акции телеком-гиганта и поставить под угрозу национальную безопасность одной из самых технологически развитых стран мира?...

Хабр

Rene Robichaud Apr 14, 2025

BPFDoor Malware Uses Reverse Shell to Expand Control Over Compromised Networks
https://gbhackers.com/bpfdoor-malware/

#Infosec #Security #Cybersecurity #CeptBiro #BPFDoor #Malware #ReverseShell #CompromisedNetworks

BPFDoor Malware Uses Reverse Shell to Expand Control Over Compromised Networks

A new wave of cyber espionage attacks has brought BPFDoor malware into the spotlight as a stealthy and dangerous tool for compromising networks.

GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Stephen Hilt

Apr 14, 2025

Stealthy and persistent: #BPFdoor is back, slipping past defenses with almost no trace. Learn how this elusive Linux backdoor hides in plain sight and what it means for enterprise security. Full analysis by @TrendMicrod: https://www.trendmicro.com/en_us/research/25/d/bpfdoor-hidden-controller.html

BPFDoors Hidden Controller Used Against Asia, Middle East Targets

A controller linked to BPF backdoor can open a reverse shell, enabling deeper infiltration into compromised networks. Recent attacks have been observed targeting the telecommunications, finance, and retail sectors across South Korea, Hong Kong, Myanmar, Malaysia, and Egypt.

Trend Micro