Unveiling LIMINAL PANDA: A Closer Look at China's Cyber Threats to the Telecom Sector

CrowdStrike publishes an intelligence overview of LIMINAL PANDA, a persistent adversary active since at least 2020 that targets telecommunications providers to enable covert access, command-and-control (including GSM protocol emulation), and exfiltration of subscriber data (call metadata and SMS). The report documents custom and publicly available tooling associated with the actor, outlines regional targeting (southern Asia and Africa), provides limited China-nexus attribution indicators, and offers defensive recommendations for telecom operators and network administrators.