China-Linked Hackers Use Malware Trio for Telecom Espionage

Researchers Tie UAT-9244 Intrusion to Famous Sparrow and Tropic Trooper Pooja Tikekar (@PoojaTikekar) • March 6, 2026

A China-linked cyberespionage group has been targeting telecommunications providers in South America since 2024 using a set of newly discovered malware tools designed to maintain persistent access to critical communications infrastructure, Cisco Talos researchers found.

See Also: Experts Offer Insights from Theoretical to the Realities of AI-enabled Cybercrime

The threat intelligence company tracks the group as UAT-9244 and says it overlaps with Chinese advanced persistent threat groups Famous Sparrow and Tropic Trooper.

Famous Sparrow has been active since at least 2019, with a history of targeting hotels, governments, international organizations and law firms. Tropic Trooper has operated since at least 2011, focusing primarily on government agencies, transportation networks and high-tech industries across Taiwan, the Philippines and Hong Kong, with more recent activity reported in the Middle East.

The campaign focuses on telecommunications networks, which ...