Hackers target military and government networks for varied reasons, primarily related to spying, which involves interfering with the functioning of critical infrastructure. These networks hold sensitive data and command systems that, if tampered with, can deal a great blow to national security, whether through the collection of intelligence information or by giving an adversary the upper hand in times of war. Bitdefender Labs recently analyzed a chain of cyber-attacks on high-level organizations in South China Sea countries, revealing a previously unknown threat actor who probably acted at China’s command. The investigation took several years and covered at least eight military and government victims from 2018. The attackers used different methods and tools, such as Gh0st RAT iterations and .NET payloads, a collection that can be likened to a cyber espionage museum.

Technical Analysis

The most unsettling aspect is that the attackers repeatedly got back inside systems through weak passwords or a failure to update them.
Source: GBHackers