Chinese hackers deployed a new cyber-espionage tool on Linux servers belonging to a telecommunications network provider to steal SMS message content for specific recipients. MESSAGETAP is the latest tool attributed to APT41, a state-sponsored group of advanced hackers running espionage activity on behave of the Chinese government. The tool was installed on Short Message Service Center (SMSC) servers – Linux machines that push SMS content to their destination or store the messages until the recipient becomes available. The malware searches for two text files named ‘keyword_parm’ and ‘parm’, which contain lists of identifiers for messages of interest. The keywords are “terms of geopolitical interest to Chinese intelligence collection”””
Source: https://www.bleepingcomputer.com/news/security/chinese-hackers-steal-sms-messages-from-linux-routing-servers/