Bleepingcomputer
China-linked Cyber Group Expands Targeting to Southeastern Europe
First seen 9 Jan 2026, 01:51 UTC
•
•52% similarity
•95.9
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
A sophisticated threat actor known as UAT-7290, tracked by Cisco Talos, has expanded its operations to target telecommunications providers in Southeastern Europe. This group, which has been active since at least 2022, primarily focuses on cyber-espionage against telcos in South Asia and utilizes Linux-based malware along with an Operational Relay Box (ORB) infrastructure for initial access.
ThreatCluster AI