
China-Linked Hackers Deploy Stealth Malware in Global Telecom Networks: Report
New Delhi, March 27 – A China-linked state-sponsored hacking group has been found embedding highly stealthy malware deep within global telecom infrastructure, raising serious concerns about long-term cyber espionage, according to a report by Rapid7.
Advanced Malware Designed for Long-Term Espionage
The cybersecurity firm revealed that attackers are using kernel-level implants and passive backdoors that function like “digital sleeper cells,” enabling them to remain undetected while continuously monitoring compromised systems. These tools allow hackers to maintain persistent access to networks without triggering traditional security alerts. Although no specific advanced persistent threat (APT) group has been officially identified, experts believe the campaign is aimed at high-level intelligence gathering, including surveillance of government and critical communication networks.
Exploiting Major Tech Platforms
The attackers gained access by exploiting vulnerabilities in widely used systems from major companies, including:
- Cisco
- Fortinet
- VMware
- Palo Alto Networks
- Ivanti
BPFdoor Malware Enables Stealth Access
A key tool in the campaign is BPFdoor, a Linux-based backdoor that operates within the system kernel. It remains inactive while monitoring network traffic and only activates when it detects a specific hidden signal within data packets, making detection extremely difficult. Once inside, attackers deploy additional tools such as:
- Credential harvesters
- Keyloggers
- Remote command frameworks
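A defender-side check that follows from the passive, packet-triggered behaviour described above, written for this page and not part of the Rapid7 report: on Linux, a process that captures every frame on an interface holds a raw AF_PACKET socket, and those sockets are listed in /proc/net/packet. The helper below parses that table (a constructed sample is embedded so it runs anywhere) and maps socket inodes back to PIDs on a live host; the /proc column layout and the ETH_P_ALL heuristic are assumptions of this example, and legitimate sniffers such as tcpdump will match as well.

```python
"""Triage helper: enumerate AF_PACKET sockets from /proc/net/packet and map them
to their owning processes. Added example, not code from the Rapid7 report; the
/proc layout used and the ETH_P_ALL heuristic are this example's assumptions."""
import os
from collections import namedtuple

ETH_P_ALL = 0x0003  # protocol value that delivers every frame on the wire
SOCK_RAW = 3        # sk_type of a raw packet socket

# Constructed sample mirroring the kernel's /proc/net/packet column layout.
SAMPLE_PROC_NET_PACKET = """\
sk               RefCnt Type Proto  Iface R Rmem   User   Inode
0000000000000000 3      3    0003   2     1 0      0      40211
0000000000000000 3      2    0800   2     1 0      0      40212
0000000000000000 3      3    0003   0     1 0      0      40213
"""

PacketSocket = namedtuple("PacketSocket", "sk_type proto ifindex running uid inode")  # ifindex 0 = all interfaces

def parse_proc_net_packet(text):
    """Parse /proc/net/packet text into PacketSocket records (header row skipped)."""
    records = []
    for line in text.splitlines()[1:]:
        f = line.split()
        if len(f) >= 9:
            records.append(PacketSocket(int(f[2]), int(f[3], 16), int(f[4]),
                                        f[5] == "1", int(f[6]), int(f[8])))
    return records

def suspicious(records):
    """Running raw sockets on ETH_P_ALL see all traffic, the footing a passive
    packet-triggered implant needs; benign sniffers look identical, so hits are leads."""
    return [r for r in records
            if r.sk_type == SOCK_RAW and r.proto == ETH_P_ALL and r.running]

def owners_of(inode, proc="/proc"):
    """Map a socket inode to PIDs via /proc/<pid>/fd symlinks (live Linux only)."""
    pids = []
    for pid in (d for d in os.listdir(proc) if d.isdigit()):
        try:
            if any(os.readlink(f"{proc}/{pid}/fd/{fd}") == f"socket:[{inode}]"
                   for fd in os.listdir(f"{proc}/{pid}/fd")):
                pids.append(int(pid))
        except OSError:  # process exited or its fds are not readable
            continue
    return pids

if __name__ == "__main__" and os.path.exists("/proc/net/packet"):  # live Linux host
    for s in suspicious(parse_proc_net_packet(open("/proc/net/packet").read())):
        print(f"inode={s.inode} uid={s.uid} ifindex={s.ifindex} pids={owners_of(s.inode)}")
```

Compare hits against an allowlist of known capture tools on the host; a sniffer owned by an unexpected process or user is what warrants deeper review.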
Targeting Core Telecom Infrastructure
Rapid7 warned that the campaign is focused on gaining control over core telecom infrastructure, including both traditional systems and modern cloud environments like Kubernetes, widely used in telecom operations. Newer versions of the malware are even more sophisticated, hiding signals within encrypted web traffic and using multiple evasion techniques to bypass security layers.
Rising Cybersecurity Risks
Experts caution that such attacks pose significant risks as they target the backbone of communication systems, potentially enabling attackers to:
- Monitor sensitive data flows
- Disrupt telecom services
- Prepare for future cyber operations