BackdoorDiplomacy targets the telecom industry in the Middle East

Threat Advisories

BackdoorDiplomacy targets the telecom industry in the Middle East

Threat Level
Actor Report

For a detailed threat advisory, download the pdf file here

Summary

BackdoorDiplomacy, an advanced persistent threat (APT) gang with roots in China, is most likely behind a hostile campaign targeting the Middle East. The espionage action, aimed at a Middle Eastern telecom operator, is reported to have begun on August 19, 2021, with the successful exploitation of ProxyShell weaknesses (CVE-2021-26855) in the Microsoft Exchange Server.