Congressional staff emails hacked as part of Salt Typhoon campaign

News
By published

The infamous Chinese hackers were seen once again

Shutterstock.com / kanlaya wanon
(Image credit: Shutterstock)
  • Salt Typhoon allegedly compromised emails of US House committee staffers on China, foreign affairs, and defense
  • Scope of intrusion remains unclear; FBI and White House have not commented publicly
  • Group is part of China’s “Typhoon” nexus, known for telecom breaches

Salt Typhoon, infamous Chinese state-sponsored threat actor known best for their incursions into western telecommunications companies, was found snooping on western communications once again.

This time, they were allegedly seen compromising emails used by staff members of “powerful committees in the US House of Representatives”. Earlier this week, the Financial Times reported on the findings, citing people familiar with the matter, and saying the attackers accessed email systems used by some staffers on the House China committee.

Furthermore, aides on panels covering foreign affairs, intelligence, and the armed forces were also targeted. Specific names were not disclosed, though.

Who are Salt Typhoon?

What’s also left unclear is the scope of the incident and the depth to which the attackers managed to penetrate systems. Apparently, it is unclear if the attackers accessed emails of elected officials, or just the staffers.

The FBI and the White House have not commented on the reports just yet, while the spokesperson for the Chinese Embassy, Liu Pengyu, called them “unfounded speculation and accusations”.

Salt Typhoon is a Chinese state-sponsored threat actor, and a part of a wider nexus of “Typhoon” groups - including Brass Typhoon, Volt Typhoon, and Flax Typhoon. These groups are tasked with cyber-incursions that align with Chinese state interests - cyber-espionage, data theft, and persistent access to critical infrastructure.

In October last year, cybersecurity researchers Darktrace said they saw Salt Typhoon targeting communications networks in Europe, and before that, they were seen breaching at least eight US telcos, including T-Mobile, Verizon, AT&T, and Lumen Technologies. Officials said Salt Typhoon’s victims are located in dozens of countries around the world, generally using stealthy techniques such as DLL sideloading and zero-day exploits."

Whenever similar news breaks, the Chinese deny all allegations vehemently, and instead point the finger at the US, describing them as the world’s biggest cyber-bully.

Via Financial Times

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.