Viasat Hacked by China’s Salt Typhoon Cyber Group

Satellite communications provider Viasat has confirmed a cybersecurity breach linked to China’s notorious Salt Typhoon hacking collective, marking the latest in a string of attacks against global telecom networks. The company, which delivers broadband services to military, aviation, and enterprise clients across 189,000 U.S. subscribers, detected the intrusion earlier this year and has since collaborated with federal agencies to address the threat.

Viasat stated that an internal probe found no evidence of customer data compromise following unauthorized access through a vulnerable device. “We’ve resolved the incident with no signs of ongoing malicious activity,” the company told BleepingComputer, though it declined to share specifics due to ongoing government cooperation. The disclosure comes after months of silence, Viasat ignored initial inquiries about the breach in February.

This isn’t the first time Viasat has faced cyberattacks. In 2022, Russian operatives crippled its KA-SAT network using AcidRain malware just before invading Ukraine, disrupting internet access for thousands across Europe and even affecting German wind farm operations.

Salt Typhoon’s global telecom campaign has drawn sharp scrutiny from U.S. agencies. Last October, the FBI and CISA exposed the group’s infiltration of major providers like AT&T, Verizon, and Lumen, along with wiretapping systems used by law enforcement. The hackers reportedly accessed sensitive communications of some government officials during their spree.

Recent intelligence suggests the group also targeted Comcast and Digital Realty, exploiting unpatched Cisco vulnerabilities to breach networks worldwide. Active since at least 2019, Salt Typhoon continues to refine its tactics, focusing on telecom infrastructure as a gateway to government and corporate data. Authorities warn that such breaches underscore the escalating threat posed by state-sponsored cyberespionage.

(Source: BLEEPINGCOMPUTER)