Chinese State Hackers Target South American Telcos with Advanced Malware

Chinese State Hackers Target South American Telcos with Advanced Malware

First seen 6 Mar 2026, 00:11 UTC Blog.TalosintelligenceBleepingcomputerScworld 80% similarity 57.6

Article Content

Browse articles
ThreatCluster

The advanced persistent threat group UAT-9244, linked to Chinese state-sponsored operations, has been targeting telecommunications providers in South America since 2024. Utilizing sophisticated techniques such as DLL side-loading, the group deploys a malware toolkit that includes the TernDoor backdoor, which poses significant risks to affected organizations' infrastructure.

ThreatCluster AI

Timeline

2024-01-01
UAT-9244 begins targeting South American telcos
2026-03-05
Bleepingcomputer and Talos report on UAT-9244's activities
Date unknown
TernDoor backdoor identified as part of malware toolkit

Community

Browse all →