Showboat Malware — Analysis, Campaigns & Threat Activity

Threat entity extracted from intelligence sources

Frequency
7
occurrences
First Seen
May 21, 2026
Last Seen
June 24, 2026

Showboat is a malware family tracked across 3 threat clusters and 7 intelligence report mentions on ThreatCluster. First observed May 21, 2026; most recent activity June 24, 2026.

Related Threat Clusters

  • Showboat Malware Targets Telecoms in China-Aligned Cyber Espionage Campaign

    A new Linux malware family named Showboat has been discovered, targeting telecommunications firms primarily in the Middle East and Central Asia since mid-2022. Researchers from Lumen's Black Lotus Labs and PwC…

    9 articles · Updated May 21, 2026
  • Showboat Malware Targets Telecoms with Stealth Techniques

    Showboat is a previously undocumented modular Linux post-exploitation framework linked to China, actively targeting telecom companies in the Middle East since mid-2022. It employs sophisticated stealth techniques,…

    3 articles · Updated June 19, 2026
  • KDDI Data Breach Exposes 14.22 Million Email Accounts

    KDDI, a Japanese telecommunications company, reported a significant data breach affecting up to 14.22 million email accounts. The breach was detected on June 17, 2026, when unauthorized access to an email system used by…

    12 articles · Updated June 24, 2026

Recent Intelligence Reports

  • KDDI Data Breach Exposes 14.2 Million Managed Email Credentials — Technadu · June 24, 2026
  • Showboat Malware Uses Pastebin — Gbhackers · June 19, 2026
  • PricewaterhouseCoopers’ (PwC) Threat Intelligence — www.pwc.com · May 22, 2026
  • New Linux malware 'Showboat' targets Middle East telecom provider | brief — Scworld · May 22, 2026
  • Introducing Showboat: A new malware family taunts defenses and targets international telecom firms — Lumen · May 21, 2026
  • Chinese APTs Share Linux Backdoor in Central Asia Telco Attacks — Darkreading · May 21, 2026
  • Chinese hackers target telcos with new Linux, Windows malware — Bleepingcomputer · May 21, 2026

CVSS v3.1 Breakdown