TZUTC: -0500
MSGID: 1935.consprcy@1:2320/105 2dc65d4f
PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
FORMAT: flowed
Congressional staff emails hacked as part of Salt Typhoon campaign

Date:
Thu, 08 Jan 2026 19:35:00 +0000

Description:
Emails used by staff members of powerful committees in the US House of
Representatives were allegedly breached.

FULL STORY

Salt Typhoon, infamous Chinese state-sponsored threat actor known best for
their incursions into western telecommunications companies , was found
snooping on western communications once again. 

This time, they were allegedly seen compromising emails used by staff members
of powerful committees in the US House of Representatives. Earlier this week,
the Financial Times reported on the findings, citing people familiar with the
matter, and saying the attackers accessed email systems used by some staffers
on the House China committee. 

Furthermore, aides on panels covering foreign affairs, intelligence, and the
armed forces were also targeted. Specific names were not disclosed, though.

Who are Salt Typhoon? 

Whats also left unclear is the scope of the incident and the depth to which
the attackers managed to penetrate systems. Apparently, it is unclear if the
attackers accessed emails of elected officials, or just the staffers. 

The FBI and the White House have not commented on the reports just yet, while
the spokesperson for the Chinese Embassy, Liu Pengyu, called them unfounded
speculation and accusations. 

Salt Typhoon is a Chinese state-sponsored threat actor, and a part of a wider
nexus of Typhoon groups - including Brass Typhoon, Volt Typhoon, and Flax
Typhoon. These groups are tasked with cyber-incursions that align with 
Chinese state interests - cyber-espionage, data theft, and persistent access
to critical infrastructure. 

In October last year, cybersecurity researchers Darktrace said they saw Salt
Typhoon targeting communications networks in Europe, and before that, they
were seen breaching at least eight US telcos , including T-Mobile, Verizon,
AT&T, and Lumen Technologies. Officials said Salt Typhoons victims are 
located in dozens of countries around the world, generally using stealthy
techniques such as DLL sideloading and zero-day exploits." 

Whenever similar news breaks, the Chinese deny all allegations vehemently, 
and instead point the finger at the US, describing them as the worlds biggest
cyber-bully. 

 Via Financial Times 

======================================================================
Link to news story:
https://www.techradar.com/pro/security/congressional-staff-emails-hacked-as-pa
rt-of-salt-typhoon-campaign

$$
--- SBBSecho 3.28-Linux
 * Origin: Capitol City Online (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700
SEEN-BY: 226/30 227/114 229/110 134 206 275 300 307 317 400 426 428
SEEN-BY: 229/470 664 700 705 266/512 291/111 320/219 322/757 342/200
SEEN-BY: 396/45 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12
SEEN-BY: 5075/35
PATH: 2320/105 229/426