Updated Another Beijing-linked cyberspy crew, this one dubbed Salt Typhoon, has reportedly been spotted on networks belonging to US internet service providers in stealthy data-stealing missions and potential preparation for future cyberattacks.
The Wall Street Journal on Wednesday reported the breaches, citing “people familiar with the matter.” The newspaper didn’t name the compromised ISPs, but said “a handful” had been broken into by this new Chinese group that investigators are calling Salt Typhoon.
While the US Cybersecurity and Infrastructure Security Agency did not immediately respond to The Register‘s inquiries about Salt Typhoon and the alleged ISP break-ins, the news follows a series of similar network intrusions that the Feds and private researchers have tied to Chinese government snoops.
A week ago, FBI Director Christopher Wray revealed his agency and international law enforcement disrupted a 260,000-device botnet controlled by a different Beijing-linked goon squad: Flax Typhoon.
This group had been building the Mirai-based botnet since 2021, and most recently targeting US critical infrastructure, government, and academics, according to…
