Threat hunters have discovered a new Linux malware called GTPDOOR that's designed to be deployed in telecom networks that are adjacent to GPRS roaming exchanges (GRX)
The malware is novel in the fact that it leverages the GPRS Tunnelling Protocol (GTP) for command-and-control (C2) communications.
GPRS roaming allows subscribers to access their GPRS services while they are beyond the reach of their home mobile network. This is facilitated by means of a GRX that transports the roaming traffic using GTP between the visited and the home Public Land Mobile Network (PLMN). Read More..