UAT-9244 targets South American telecommunication providers with three new malware implants

Cisco Talos has disclosed UAT-9244, a China-nexus APT group closely associated with Famous Sparrow, which has been targeting South American telecommunication providers since 2024. The group employs three new malware implants: TernDoor (a backdoor variant of CrowDoor), PeerTime (an ELF-based backdoor using the BitTorrent protocol), and BruteEntry (a brute force scanner used to create Operational Relay Boxes).