07 December 2023
GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool
Unit 42 recently identified a new, difficult-to-detect remote access trojan named PingPull being used by GALLIUM, an advanced persistent threat (APT) group. This group, also known as Softcell, established its reputation by targeting telecommunications companies operating in Southeast Asia, Europe and Africa.
The group’s geographic targeting, sector-specific focus and technical proficiency, combined with their use of known Chinese threat actor malware and tactics, techniques and procedures (TTPs), has resulted in industry assessments that GALLIUM is likely a Chinese state-sponsored group.
Read more about it: here