Five Chinese nationals, two Malaysians charged in connection with global hacking campaign

Five Chinese nationals working as part of a well-resourced hacking group and two Malaysian nationals have been charged in connection with a global hacking campaign that hit hundreds of targets in the U.S. and around the world in multiple industries, the Department of Justice announced Wednesday. The accused Chinese hackers allegedly compromised technology providers and installed software backdoors in their networks, giving themselves a portal to collect information. The operation is linked to an advanced persistent threat group known as APT41, which private security firms have tied to the Chinese government. U.S. indictments unsealed Wednesday alleged that the activity is tied to China’s Ministry of State Security (MSS), a civilian intelligence agency. The suspects are alleged to have targeted software development companies, computer hardware manufacturers, telecommunications entities, social media companies, as well as non-profit organizations, universities and think tanks. They are also accused of targeting foreign governments, and pro-democracy politicians and activists in Hong Kong. Prosecutors say the hackers […]

The post Five Chinese nationals, two Malaysians charged in connection with global hacking campaign appeared first on CyberScoop.

Chinese hacking groups are bullying telecoms as 2020 goes on, CrowdStrike says

Six suspected Chinese hacking groups have zeroed in on entities in the telecommunications sector in the first half of this year, according to CrowdStrike research published Tuesday. While CrowdStrike did not identify the groups by name, attackers have likely been running their hacking operations in an effort to steal sensitive data about targets, or to conduct intellectual property theft, researchers at the threat intelligence firm determined. The telecommunications sector was among the most-targeted sectors in the first half of 2020, the company said, alluding to behavior that aligns with previous espionage patterns from hackers with suspected ties to Beijing. Publication of the report coincides with a fresh warning from the U.S. Department of Homeland Security that a Chinese intelligence agency is exploiting known software flaws to gather information from U.S. federal agencies, and amid an ongoing U.S. government effort to safeguard research into a COVID-19 vaccine, which Chinese hackers are alleged to have […]

The post Chinese hacking groups are bullying telecoms as 2020 goes on, CrowdStrike says appeared first on CyberScoop.

Chinese Hackers Exploit Cisco, Citrix Flaws in Massive Espionage Campaign

Researchers say that APT41’s exploits are part of one of the broadest espionage campaigns they’ve seen from a Chinese-linked actor “in recent years.”

Chinese hackers hit Citrix, Cisco vulnerabilities in sweeping campaign

Earlier this year, state-backed Chinese hackers embarked on one of the most sweeping Chinese espionage campaigns FireEye has seen in years, according to new research the security firm published Wednesday. The campaign, which lasted between January 20 and March 11, targeted 75 organizations spanning nearly every economic sector: telecommunications, healthcare, government, defense, finance, petrochemical, manufacturing, and transportation. The campaign, believed to be run by APT41, targeted nonprofit, legal, real estate, travel, education, and media organizations as well. “This activity is one of the most widespread campaigns we have seen from China-nexus espionage actors in recent years,” researchers Christopher Glyer, Dan Perez, Sarah Jones, and Steve Miller said. “While APT41 has previously conducted activity with an extensive initial entry … this scanning and exploitation has focused on a subset of our customers, and seems to reveal a high operational tempo and wide collection requirements for APT41.” APT41 zeroed in on victims […]

The post Chinese hackers hit Citrix, Cisco vulnerabilities in sweeping campaign appeared first on CyberScoop.

China-Linked Hackers Spy on Texts With MessageTap Malware

Chinese state-sponsored hackers are attacking telecom networks to sniff out SMS messages that contain keywords revolving around political dissidents.

A Chinese hacking group breached a telecom to monitor targets’ texts, phone metadata

Chinese government-linked hackers are monitoring the mobile text messages of specific users, and scanning for certain keywords, as part of a new surveillance campaign meant to track individuals in a vast trove of telecommunication data, according to findings published Thursday. APT41, a group that carries out state-sponsored cyber-espionage on Beijing’s behalf, this summer compromised an unnamed telecommunications provider to monitor the messaging activity of high-ranking individuals of interest to the Chinese government, according to FireEye. Chinese hackers primarily have been scanning for military or intelligence keywords, tracking how subjects are reacting to protests, such as those in Hong Kong, and analyzing victims’ opinions of world leaders, Steve Stone, advanced practices director at FireEye, told CyberScoop. During the same intrusions into the unnamed phone company, APT41 also sought individuals’ records from call detail record (CDR) databases, which provide metadata such as the time the calls were made, the phone numbers involved, and the length of the […]

The post A Chinese hacking group breached a telecom to monitor targets’ texts, phone metadata appeared first on CyberScoop.

Chinese spies have their sights on cancer research

After China’s cancer rate surged in recent years, Chinese authorities went looking for an answer to the problem. They appear to have found a useful tool in the country’s cyber capabilities. Over the last two years, Chinese government-linked hackers have targeted organizations involved in cancer research on multiple occasions, cybersecurity company FireEye said in a report published Wednesday. In at least one case, more than one group has gone after the same organization — evidence of a relentless pursuit of research data. “It makes sense when you look at the larger context that China’s operating in,” said Luke McNamara, principal analyst at FireEye, referring to the cancer scourge in China and the resulting social costs. In one incident in April, Chinese hackers targeted a U.S.-based cancer research organization with a malware-laced document referencing a conference the organization hosted. A year earlier, the newly-named Chinese hacking outfit APT41 spearphished employees of […]

The post Chinese spies have their sights on cancer research appeared first on CyberScoop.

Meet APT41, the Chinese hackers moonlighting for personal gain

Members of a Chinese state-sponsored hacking group have been using their skills to enrich themselves for years in operations targeting the gaming industry, cybersecurity company FireEye announced Wednesday. By day, the group, dubbed APT41, conducts espionage in the health care, telecommunications, and education sectors, FireEye said. By night, those same hackers have manipulated virtual currency in the gaming sector and, in one case, tried to deploy ransomware, to line their pockets. In a first for a China-based group, the company said, the hackers are using malware typically reserved for spying for personal gain. “Their aggressive and persistent operations for both espionage and cybercrime purposes distinguish APT41 from other adversaries and make them a major threat across multiple industries,” said Sandra Joyce, FireEye’s senior vice president of global threat intelligence. APT41’s unveiling comes as the U.S. and China are locked in a bitter trade dispute, and after years of U.S. officials alleging that the […]

The post Meet APT41, the Chinese hackers moonlighting for personal gain appeared first on CyberScoop.
