Exclusive: New China-linked telco attackers

CrowdStrike has identified a brand-new China-linked cyber-espionage operation that's infiltrating telecommunications networks, according to a report first shared with Axios.

Why it matters: China has shown a new willingness to spy on its adversaries using whatever means possible — putting any remaining diplomatic relations between Beijing and the rest of the world in jeopardy.

Zoom in: CrowdStrike has discovered a new China-linked hacking group that's been targeting telecommunications networks since at least 2020 to spy on customers' text messages and phone call metadata.

• The group, which CrowdStrike is calling Liminal Panda, has also built custom hacking tools to exploit the industry's interoperable capabilities, allowing calls to other networks to breach additional telecommunications entities.
• So far, CrowdStrike has mostly seen evidence of Liminal Panda spying on networks in Southeast Asia and Africa.
• Liminal Panda has likely targeted unidentified networks to spy on officials living in these regions, CrowdStrike said. But the group may also be targeting individuals traveling through the region.

Threat level: The hackers may have also used their access to these networks to breach networks around the world, Adam Meyers, senior vice president of counter adversary operations at CrowdStrike, told Axios.

• Liminal Panda's tools were also specifically built for bulk collection, Meyers said, meaning it could search network data for certain keywords.
• "They have lots of ways that they can use that access to target anything that is along the lines of their collection mandate," he noted.

Driving the news: Meyers is testifying today about China's hacking threats before the Senate Judiciary Committee's privacy subcommittee.

• He plans to go into more detail about Liminal Panda throughout his testimony.

Catch up quick: Liminal Panda is separate from the recently uncovered Salt Typhoon campaign targeting U.S. telecommunications providers.

• Salt Typhoon is believed to have targeted President-elect Trump, VP-elect JD Vance and other U.S. government officials. The hackers likely also stole audio from phone calls during those intrusions.
• T-Mobile is the latest U.S. mobile carrier to say it was a victim of Salt Typhoon.

The big picture: China has been eager to sow digital chaos in the U.S. and beyond in recent years — especially as it prepares for a possible invasion of Taiwan.

• Stealing state secrets may help China figure out how the U.S. would come to Taiwan's aid, and causing mayhem could undermine politicians' ability to provide aid in such an event.

What we're watching: Trump's cyber policy is still in flux as the transition gets underway — but he's already tapped a handful of well-known China hawks for notable positions.