TeleBoyi
Actor Type | Nation State |
---|---|
Attributed to Nation | China |
Affiliated Intrusion Sets | FamousSparrow, APT41 |
TeleBoyi is an intrusion set tracked by TeamT5. According to researchers, TeleBoyi is a China-nexus group which has been active since at least 2014.
The intrusion set has been observed targeting victims worldwide but with a particular focus on the APAC (Asia-Pacific) region and critical infrastructure sectors (mainly telecoms). The group uses a variety of malware associated with Chinese threat groups including PlugX, Winnti and ShadowPad.
TeamT5 identify potential collaboration between TeleBoyi and other Chinese APT groups including APT41, Earth Berberoka and SLIME40 (FamousSparrow/GroundPeony).
TeleBoyi Threat Reports
Unveiling TeleBoyi: Chinese APT Group Targeting Critical Infrastructure Worldwide
This presentation from TeamT5 describes the intrusion set they refer to as TeleBoyi and was presented at JPCERT's JSAC2024 conference on January ...