95

Sophistication

2021

First Seen

89

Notoriety

98

Stealth

97

Immersive Rating

94

Impact

83

Tactics Variety

Salt Typhoon

Chinese state-linked actor (also tracked as Earth Estries, GhostEmperor, FamousSparrow) specializing in telecommunications and critical infrastructure espionage. Responsible for the 2024 compromise of major US telecom providers, including access to lawful intercept systems used by law enforcement.

Key behaviours to watch:

Exploitation of edge devices (Cisco routers, Ivanti VPN, Fortinet) for initial access to carrier networks.
Long-term persistence using GRE/IPsec tunnels, modified SSH keys, and living-off-the-land techniques on network infrastructure.
Targeting of CALEA wiretap systems, call metadata, and communications of government officials.

‍

Immersive coverage includes:

‍

Blog

Releated Content

Unauthenticated RCE in EXO: Why the Security Architecture of Open-Source AI Platforms Needs Immediate Attention

Threat Intelligence

February 20, 2026

The Hidden Attack Surface in Your Dependencies

Threat Intelligence

February 19, 2026

OpenClaw: What You Need to Know Before It Claws Its Way Into Your Organization

No items found.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

Dark Caracal

68

2020

54

57

65

71

52

DarkSide

92

2007

90

86

88

87

84

Dark Storm

80

2020

75

76

78

85

70

Fancy Bear

71

2017

63

64

68

65

65

FIN7

85

2021

81

75

89

91

80

Fox Kitten

53

2022

47

49

59

61

61

HAFNIUM

70

2022

69

62

73

76

60

Indian Cyber Force

80

2013

73

72

72

85

75