Mystery Group Targeting Telcos Linked to Chinese APTs

Researchers from Microsoft, SentinelLabs, and PwC have linked the Sandman threat group, known for conducting cyberattacks against global telecom providers, to a network of Chinese government-backed advanced persistent threat (APT) groups. They found shared malware development practices and functional overlaps with China-based group STORM-08/Red Dev 40, also notorious for attacking telcos in the Middle East and South Asia. This reveals the increasing collaboration and coordination among various Chinese APT groups.