1:40 AM PST · February 13, 2025
Security researchers say the Chinese government-linked hacking group, Salt Typhoon, is continuing to compromise telecommunications providers, despite the recent sanctions imposed by the U.S. government on the group.
In a report shared with TechCrunch, threat intelligence firm Recorded Future said it had observed Salt Typhoon — which the company tracks as “RedMike” — breaching five telecommunications firms between December 2024 and January 2025.
Salt Typhoon made headlines last September after it was revealed that the group had infiltrated several U.S. phone and internet giants, including AT&T and Verizon, to gain access to the private communications of senior U.S. government officials and political figures.
Salt Typhoon also hacked into the systems that law enforcement agencies use for court-authorized collection of customer data, potentially accessing sensitive data such as the identities of Chinese targets of U.S. surveillance.
