4 Chinese APT Groups Identified Targeting Mail Server of Afghan Telecommunications Firm Roshan
released on 2021-09-29 @ 10:29:56 AM
Researchers detected separate intrusion activity targeting a mail server of Roshan, one of Afghanistan’s largest telecommunications providers, linked to 4 distinct Chinese state-sponsored threat activity groups. This includes activity we attribute to the Chinese state-sponsored groups RedFoxtrot and Calypso APT, as well as 2 additional clusters using the Winnti and PlugX backdoors.