UAT-7290 Cyber Espionage Targets South Asian Telecoms
First seen 13 Jan 2026, 01:58 UTC
•
•47% similarity
•95.8
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
UAT-7290, a China-linked advanced persistent threat group, has been active since at least 2022, focusing on espionage against telecommunications providers in South Asia. The group employs a range of Linux and Windows malware, including RushDrop, DriveSwitch, and SilentRaid, to gain initial access to critical infrastructure. Recent activities have also extended into Southeast Europe.
ThreatCluster AI