95

Sophistication

2021

First Seen

89

Notoriety

98

Stealth

97

Immersive Rating

94

Impact

83

Tactics Variety

Salt Typhoon

Chinese state-linked actor (also tracked as Earth Estries, GhostEmperor, FamousSparrow) specializing in telecommunications and critical infrastructure espionage. Responsible for the 2024 compromise of major US telecom providers, including access to lawful intercept systems used by law enforcement.

Key behaviours to watch:

Exploitation of edge devices (Cisco routers, Ivanti VPN, Fortinet) for initial access to carrier networks.
Long-term persistence using GRE/IPsec tunnels, modified SSH keys, and living-off-the-land techniques on network infrastructure.
Targeting of CALEA wiretap systems, call metadata, and communications of government officials.

‍

Immersive coverage includes:

‍

Blog

Releated Content

Unauthenticated RCE in EXO: Why the Security Architecture of Open-Source AI Platforms Needs Immediate Attention

Threat Intelligence

February 20, 2026

The Hidden Attack Surface in Your Dependencies

Threat Intelligence

February 19, 2026

OpenClaw: What You Need to Know Before It Claws Its Way Into Your Organization

No items found.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

IT Army of Ukraine

75

2013

68

72

88

65

70

Kamacite

88

2013

86

83

85

81

86

Kimusky

62

2021

88

43

86

78

66

Lapsus$

89

2009

92

73

85

81

87

Lazarus Group

95

2008

85

92

93

94

88

LulzSec

50

2011

75

38

62

72

52

MAGNALLIUM

80

2013

56

73

79

58

74

Onyx Sleet

85

2014

80

80

84

71

77