Targeting of telecommunications providers across the United States, Asia, and the Middle East
Date of report
  • May 2022
Affiliations
Chinese threat actor Red Menshen used a custom backdoor dubbed BPFDoor to target telecommunications providers, government systems, postal and logistic systems, and others in the United States, Hong Kong, India, Myanmar, South Korea, Turkey, and Vietnam. Red Menshen moved laterally across Windows systems, sending commands via a virtual private server that were administered by compromised Taiwanese routers.
Suspected victims
  • Telecommunications providers, government systems, postal and logistic system, and others in the United States, Hong Kong, India, Myanmar, South Korea, Turkey, and Vietnam
Suspected state sponsor
  • China
Type of incident
  • Espionage
Target category
  • Government
  • Private sector
  • Civil society