Salt Typoon, which allegedly has the backing of the Chinese government, attacked several US telecom companies and internet providers in an apparent attempt to spy on high-value government officials and counterintelligence agents.
A few days back, it was reported that T-Mobile may also have been a victim of Salt Typoon’s wide-scale campaign. The company responded that it found no evidence of access to any sensitive information.
Bloomberg now reports that hackers were able to access edge-routing infrastructure to gain unauthorized access to some devices, including a T-Mobile router, but the company was quick to detect their activity. It kicked them out before any serious damage was done.
The hackers were reportedly trying to reach deeper layers of its network but since the intrusion was caught at an early stage, they were not able to access customer data.
Previous reports said that Salt Typoon lurked in the systems of some companies for months but T-Mobile made sure that access was cut off when it thwarted the attack.
T-Mobile seemingly doesn’t hold Salt Typoon responsible for the attack but it’s the likely culprit, given the attack exhibits similarities to intrusions perpetrated by the group.
US officials have accused the Chinese state-sponsored group of breaching multiple telecom companies to siphon off customer records and interfere with correspondence among a limited number of government officials and politicians.
Some known targets include President-elect Donald Trump and his family members, and Vice President Kamala Harris’ staff.
This underscores the severity of the cyberattack. T-Mobile‘s early action may help it shake off the perception that it doesn’t take security seriously. The company was fined heavily in August for failing to prevent access to sensitive data between August 2020 and June 2021.