<ul><li>Chinese state-sponsored threat actor Salt Typhoon has been targeting telecommunication service providers with a new backdoor malware called GhostSpider.</li><li>GhostSpider is a stealthy backdoor that remains in memory and encrypts its communication with the C2 server.</li><li>Salt Typhoon also uses other variants such as Masol RAT, Demodex, and SnappyBee for data exfiltration and surveillance.</li><li>Major telecommunications providers like T-Mobile, AT&T, Verizon, and Lumen Technologies have been among Salt Typhoon's victims.</li></ul>

Salt Typhoon targets telcos again with backdoor GhostSpider malware

Discover more