
    Chinese hackers breached Asian telcos for years

    By Kayla Zhang | April 3, 2025
    • Weaver Ant group infiltrated telecom providers using stealthy techniques.
    • The campaign remained undetected for over four years.

    What happened: Stealthy telecom espionage campaign exposed

    A Chinese-linked hacking group, dubbed Weaver Ant, secretly infiltrated several Asian telecommunications providers over a period of at least four years, according to a report by cybersecurity firm Sygnia. The attackers leveraged advanced techniques, including encrypted tunnelling and web shells, to maintain persistence and avoid detection.

    The hackers used compromised Zyxel home routers across Southeast Asia as a relay network, effectively masking their origin. This enabled them to conduct long-term espionage operations, harvest credentials, and monitor internal network activity. The attackers also deployed a previously undiscovered web shell named INMemory, which executes payloads directly in server memory, leaving little forensic trace.

    Sygnia’s investigation revealed that Weaver Ant utilised a non-provisioned operational relay box (ORB) network to proxy malicious traffic, further concealing its infrastructure. The group also demonstrated a high level of adaptability, pivoting from one telecom provider to another through compromised devices, evading security measures along the way.

    The breach came to light accidentally during an unrelated Sygnia investigation, when a previously disabled account was reactivated by a service account. This reactivation led analysts to uncover the larger espionage campaign, confirming Weaver Ant’s extensive access across multiple telecom networks.
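The signal described above, a service account re-enabling a previously disabled account, can be turned into a detection rule. The following is an added example, not code from Sygnia or from this article. It assumes Windows Security events 4725 (account disabled) and 4722 (account enabled) exported as JSON lines. The sample events, account names and service-account naming convention are constructed.

```python
import json

# Constructed sample events (not from the Sygnia report). Field names follow
# Windows Security events 4725 (account disabled) and 4722 (account enabled).
SAMPLE_EVENTS = """
{"time": "2025-01-10T08:00:00", "EventID": 4725, "SubjectUserName": "hr_admin", "TargetUserName": "j.doe"}
{"time": "2025-01-12T09:15:00", "EventID": 4725, "SubjectUserName": "hr_admin", "TargetUserName": "old_vendor"}
{"time": "2025-02-01T10:30:00", "EventID": 4722, "SubjectUserName": "helpdesk1", "TargetUserName": "j.doe"}
{"time": "2025-03-03T02:41:00", "EventID": 4722, "SubjectUserName": "svc_backup", "TargetUserName": "old_vendor"}
{"time": "2025-03-04T11:00:00", "EventID": 4722, "SubjectUserName": "svc_provision", "TargetUserName": "new_hire"}
"""

# Assumption: service accounts are recognisable by a naming prefix or a trailing "$".
SERVICE_PREFIXES = ("svc_", "sa-")


def is_service_account(name):
    n = name.lower()
    return n.startswith(SERVICE_PREFIXES) or n.endswith("$")


def find_suspicious_reenables(lines, allowlist=()):
    """Return 4722 events where a service account re-enabled an account
    that was earlier seen being disabled (4725) in the same log."""
    events = [json.loads(l) for l in lines.splitlines() if l.strip()]
    disabled = {}  # target account -> time it was disabled
    alerts = []
    for ev in sorted(events, key=lambda e: e["time"]):  # ISO timestamps sort as text
        target = ev["TargetUserName"].lower()
        actor = ev["SubjectUserName"].lower()
        if ev["EventID"] == 4725:
            disabled[target] = ev["time"]
        elif ev["EventID"] == 4722:
            disabled_at = disabled.pop(target, None)
            # First-time enables (new accounts) have no prior 4725 and are skipped.
            if disabled_at and is_service_account(actor) and actor not in allowlist:
                alerts.append({"time": ev["time"], "actor": actor,
                               "target": target, "disabled_at": disabled_at})
    return alerts


if __name__ == "__main__":
    for alert in find_suspicious_reenables(SAMPLE_EVENTS):
        print(alert)
```

Service accounts that legitimately re-enable users, such as an identity-management connector, belong in `allowlist` so that the remaining alerts stay rare enough to review by hand.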


    Why it is important

    The revelation of this campaign highlights the vulnerability of critical telecom infrastructure to prolonged cyberespionage operations. Telecom providers, being central to communications, are lucrative targets for nation-state actors seeking intelligence on government, business, and individual activities.

    By using home routers as relays, the attackers effectively bypassed traditional network detection systems. This approach, coupled with the use of memory-based web shells, demonstrates an evolution in hacking techniques, making it harder for security teams to trace or block the intrusion.

    Moreover, the persistence of the attack over several years suggests that telecom operators may face systemic weaknesses in their security frameworks. The incident underscores the need for continuous monitoring, advanced threat detection systems, and proactive cybersecurity measures to prevent similar breaches.

    Kayla Zhang

    Kayla is a community engagement specialist at BTW Media, having studied English language studies at University of Malaya. Contact her at K.Zhang@btw.media.
