After Quad7 obtained targeted systems’ passwords through a small number of sign-in attempts intended to evade detection, Storm-0940 immediately used the stolen credentials to breach networks, dump further credentials, and deploy remote access trojans and proxy tools for persistence, as part of a possible cyberespionage attack, according to an analysis by the Microsoft Threat Intelligence team. While Quad7’s exact means of compromising SOHO routers remains unknown, Sekoia researchers previously observed threat actors exploiting an OpenWRT zero-day vulnerability to compromise one of Sekoia’s honeypots.
Source: SC Magazine
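The evasion described above, a few sign-in attempts spread across many router source addresses, stays under per-account lockout thresholds, so a defender has to aggregate failures across accounts and sources instead. The following detector is an added example written for this page, not code from the SC Magazine article, Microsoft or Sekoia; the sign-in log, IP addresses, account names and thresholds are all constructed.

```python
from collections import defaultdict

# Constructed sample sign-in events (not real data): ISO timestamp, source IP,
# target account, outcome. Each source tries each account at most once, so no
# account reaches a typical lockout threshold, yet many accounts are covered.
SAMPLE_LOG = [
    ("2024-11-01T08:00:05", "203.0.113.10", "alice", "fail"),
    ("2024-11-01T08:01:12", "203.0.113.10", "bob", "fail"),
    ("2024-11-01T08:02:40", "203.0.113.11", "carol", "fail"),
    ("2024-11-01T08:03:09", "203.0.113.11", "dave", "fail"),
    ("2024-11-01T08:04:50", "203.0.113.12", "erin", "fail"),
    ("2024-11-01T08:05:33", "203.0.113.12", "frank", "fail"),
    ("2024-11-01T08:06:21", "203.0.113.13", "alice", "fail"),
    ("2024-11-01T08:07:02", "203.0.113.13", "carol", "success"),  # a guess landed
    ("2024-11-01T09:15:00", "198.51.100.7", "alice", "success"),  # unrelated login
]


def detect_low_volume_spray(events, per_account_max=3, min_accounts=5, min_sources=3):
    """Flag a password spray that stays below per-account lockout thresholds.

    `events` is one analysis window (for example 24 h) of
    (timestamp, ip, account, outcome) tuples. Lockout alerting keys on one
    account failing repeatedly; the tell here is breadth instead: many accounts
    and many sources failing in the same window. Returns None if nothing is flagged.
    """
    failures = defaultdict(int)  # account -> failed attempts in the window
    sources = set()              # IPs that produced at least one failure
    for _, ip, acct, outcome in events:
        if outcome == "fail":
            failures[acct] += 1
            sources.add(ip)
    if len(failures) < min_accounts or len(sources) < min_sources:
        return None
    # A success for a sprayed account coming from a spraying source is the
    # follow-on credential use described above and should be triaged first.
    compromised = sorted({acct for _, ip, acct, outcome in events
                          if outcome == "success" and ip in sources and acct in failures})
    max_fail = max(failures.values())
    return {
        "accounts_targeted": len(failures),
        "distinct_sources": len(sources),
        "max_failures_per_account": max_fail,
        "below_lockout_threshold": max_fail <= per_account_max,
        "likely_compromised": compromised,
    }
```

Thresholds should be tuned per environment; the `below_lockout_threshold` flag is what distinguishes this low-volume pattern from the noisy sprays that ordinary lockout alerting already catches.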