Intel Name: Operation dragonclone
Date of Scan: June 11, 2025
Impact: Medium
Summary: A recent campaign has been uncovered targeting the Chinese telecom sector, with a specific focus on China Mobile Tietong Co., Ltd., a major subsidiary of China Mobile. The attack leverages a malware ecosystem built around VELETRIX and VShell malware. VShell, a well-known adversary simulation tool, is commonly used by threat actors in China and has been employed in attacks against various Western entities in the wild.
