Researchers from the cybersecurity company McAfee said they discovered a likely Chinese espionage campaign targeting telecommunication companies.
The McAfee Advanced Threat Research Strategic Intelligence team said the tactics, techniques and procedures used by the hackers to spy on companies related to 5G technology have the hallmarks of China-based and China-backed hackers from RedDelta and Mustang Panda.
“While the initial vector for the infection is not entirely clear, the McAfee ATR team believes with a medium level of confidence that victims were lured to a domain under control of the threat actor, from which they were infected with malware which the threat actor leveraged to perform additional discovery and data collection,” McAfee’s Andrea Rossini wrote on the company’s blog on Tuesday. “It is our belief that the attackers used a phishing website masquerading as the Huawei company career page.”
McAfee’s cybersecurity researchers said they identified telecom targets of the hackers in the United States, Europe and Southeast Asia, and found that the hackers also had an interest in German, Vietnamese and Indian telecom companies.
The researchers said the motivation behind the hacking campaign could have been spurred on by the ban of Chinese technology in the global 5G roll-out.
The McAfee team emphasized that it had “no evidence” that Huawei was knowingly involved in the hacking campaign, amid the hackers likely using Huawei’s brand in their phishing campaign.