Softcell

Softcell is a recognized threat actor, also known as GALLIUM, that has gained notoriety for its targeted cyber attacks on telecommunications companies operating in Southeast Asia, Europe, and Africa. This group's activities have been meticulously tracked and documented by cybersecurity professionals, highlighting their sophisticated tactics and aggressive strategies. The naming conventions used in the cybersecurity industry can often be confusing, with Softcell being an example of one entity having multiple aliases. Recently, researchers from Palo Alto Networks Unit 42 observed Softcell, now linked to the China-based Alloy Taurus group, expanding its target range to Linux systems with a new variant of the PingPull backdoor. In the course of this investigation, the researchers discovered a previously unknown backdoor used by this threat actor, which they have since designated as Sword2033. This discovery underscores the evolving nature of Softcell's capabilities and the increasing complexity of its attack vectors. It's important to note that there is another entity named Softcell Technologies Global, an award-winning System Integrator based in India. This company, which serves over 5000 customers nationwide and has been a partner for more than ten years, recently received the Harmony Partner Award. Despite sharing a name, this firm has no connection to the threat actor Softcell (GALLIUM). It is crucial to differentiate between these two entities to avoid any misunderstanding or miscommunication.