Continer 7
Threat Card Hub
Salt Typhoon
95
Sophistication
2021
First Seen
89
Notoriety
98
Stealth
97
Immersive Rating
94
Impact
83
Tactics Variety
Ice creature holding large salt shakers pouring water-like salt in a snowy mountainous landscape.

Salt Typhoon

Chinese state-linked actor (also tracked as Earth Estries, GhostEmperor, FamousSparrow) specializing in telecommunications and critical infrastructure espionage. Responsible for the 2024 compromise of major US telecom providers, including access to lawful intercept systems used by law enforcement.

Key behaviours to watch:

  • Exploitation of edge devices (Cisco routers, Ivanti VPN, Fortinet) for initial access to carrier networks.
  • Long-term persistence using GRE/IPsec tunnels, modified SSH keys, and living-off-the-land techniques on network infrastructure.
  • Targeting of CALEA wiretap systems, call metadata, and communications of government officials.

Blog

Releated Content

No items found.
Sort By :
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Anonymous hacktivist card with Guy Fawkes mask and stats on cyber attacks and operations.Brand logo with blue shapes and the word immersive above the text Learn More on black background.
Anonymous
40
2003
95
30
55
60
70
Graphic of a panda in Chinese military uniform using a laptop with Chinese flag background, about APT1 cyberespionage.Brand logo with blue shapes and the word immersive above the text Learn More on black background.
APT1
85
2004
80
45
72
88
70
Illustration of a robotic panda in a robe holding a flaming earth, labeled APT10 with espionage stats and info.Brand logo with blue shapes and the word immersive above the text Learn More on black background.
APT10
92
2006
78
90
90
94
88
Illustration of a buffalo-headed figure in military gear at a computer with tech monitors and a star background.Brand logo with blue shapes and the word immersive above the text Learn More on black background.
APT32
88
2014
70
79
83
87
83
APT34 intel card shows a cheetah in jacket and scores for malware, espionage, and financial crime stats.Brand logo with blue shapes and the word immersive above the text Learn More on black background.
APT34
84
2014
68
74
88
82
86
Illustration of a cheetah in a suit holding a rose and USB, labeled APT35, an Iranian state hacker group.Brand logo with blue shapes and the word immersive above the text Learn More on black background.
APT35
73
2014
65
65
81
74
80
Digital chimera with lion and goat heads, blue and purple cybernetic style representing cyber threat group.Brand logo with blue shapes and the word immersive above the text Learn More on black background.
Chimera
68
2019
55
63
69
72
61
Cozy Bear intel card with a bear in Russian hat, holding USB, describing it as a Russian cyber-espionage group.Brand logo with blue shapes and the word immersive above the text Learn More on black background.
Cozy Bear
70
2012
57
71
64
64
58