Skip to content

Hide Navigation Hide TOC

Operation Soft Cell (8dda51ef-9a30-48f7-b0fd-5b6f0a62262d)

In 2018, the Cybereason Nocturnus team identified an advanced, persistent attack targeting global telecommunications providers carried out by a threat actor using tools and techniques commonly associated with Chinese-affiliated threat actors, such as APT10. This multi-wave attacks focused on obtaining data of specific, high-value targets and resulted in a complete takeover of the network.

Cluster A Galaxy A Cluster B Galaxy B Level
Operation Soft Cell (8dda51ef-9a30-48f7-b0fd-5b6f0a62262d) Threat Actor GALLIUM (6085aad0-1d95-11ea-a140-078d42aced40) Microsoft Activity Group actor 1
Operation Soft Cell (8dda51ef-9a30-48f7-b0fd-5b6f0a62262d) Threat Actor GALLIUM (e400b6c5-77cf-453d-ba0f-44575583ac6c) Threat Actor 1
GALLIUM (6085aad0-1d95-11ea-a140-078d42aced40) Microsoft Activity Group actor GALLIUM (e400b6c5-77cf-453d-ba0f-44575583ac6c) Threat Actor 2
Granite Typhoon (ae4036de-c901-5f21-808a-f5c071ef509b) Microsoft Activity Group actor GALLIUM (e400b6c5-77cf-453d-ba0f-44575583ac6c) Threat Actor 2