Compromising Telecom Systems: Deploying and Detecting the BPFDoor Backdoor.
Chinese Backdoor for Telecom Systems
The Chinese have been using a backdoor to maintain persistence across telecom systems.
The backdoor attaches itself to a raw network socket and inspects incoming traffic. It sees packets before firewall rules have a chance to process them. So even if your firewall is configured correctly, the backdoor can still see traffic that should have been blocked.
To access the system, hackers send a magic byte to get a reverse shell.
https://hackers-arise.com/compromising-telecom-systems-deploying-and-detecting-the-bpfdoor-backdoor/
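For the detection side, a sketch of how a defender can list which processes hold packet-sniffing sockets on a Linux host. This is an added example, not code from the linked article; it assumes the sniffer uses an AF_PACKET socket (the kind listed in `/proc/net/packet`), and the sample data, process names and allowlist are constructed.

```python
import os
import re
from pathlib import Path

# Constructed sample of /proc/net/packet (one row per AF_PACKET socket).
SAMPLE_PACKET = """\
sk               RefCnt Type Proto  Iface R Rmem   User   Inode
ffff8f1a2b3c4000 3      3    0003   0     1 0      0      41877
ffff8f1a2b3c5800 3      3    88cc   2     1 0      101    20311
"""
# Constructed sample: pid -> (comm, targets of /proc/<pid>/fd/* symlinks).
SAMPLE_FDS = {
    812: ("systemd-network", ["socket:[20311]", "/dev/null"]),
    4471: ("svc-helper", ["socket:[41877]", "/dev/null"]),  # made-up name
}
ALLOWLIST = {"systemd-network", "dhclient", "tcpdump"}  # assumption: tune per host


def parse_packet_table(text):
    """Map socket inode -> {type, proto, uid} for each row after the header."""
    rows = {}
    for f in map(str.split, text.splitlines()[1:]):
        if len(f) >= 9:
            rows[f[8]] = {"type": int(f[2]), "proto": int(f[3], 16), "uid": int(f[7])}
    return rows


def read_live_fds():
    """Build the pid -> (comm, links) map from a live /proc (run as root)."""
    table = {}
    for pid in filter(str.isdigit, os.listdir("/proc")):
        try:
            comm = Path(f"/proc/{pid}/comm").read_text().strip()
            links = [os.readlink(p) for p in Path(f"/proc/{pid}/fd").iterdir()]
        except OSError:  # process exited or access denied
            continue
        table[int(pid)] = (comm, links)
    return table


def unexpected_sniffers(packet_text, fds, allowlist=ALLOWLIST):
    """Return (pid, comm, socket) for packet sockets held by non-allowlisted processes."""
    socks, hits = parse_packet_table(packet_text), []
    for pid, (comm, links) in sorted(fds.items()):
        for link in links:
            m = re.fullmatch(r"socket:\[(\d+)\]", link)
            if m and m.group(1) in socks and comm not in allowlist:
                hits.append((pid, comm, socks[m.group(1)]))
    return hits
```

On a live host, run as root and pass the contents of `/proc/net/packet` together with `read_live_fds()`. Raw AF_INET sockets are listed separately in `/proc/net/raw`, so the same inode matching has to be repeated against that file.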
