Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

The U.S. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm.

APT41 Operatives Indicted as Sophisticated Hacking Activity Continues

Five alleged members of the China-linked advanced threat group and two associates have been indicted by a federal grand jury on dozens of charges.

Five Chinese nationals, two Malaysians charged in connection with global hacking campaign

Five Chinese nationals working as part of a well-resourced hacking group and two Malaysian nationals have been charged in connection with a global hacking campaign that hit hundreds of targets in the U.S. and around the world in multiple industries, the Department of Justice announced Wednesday. The accused Chinese hackers allegedly compromised technology providers and installed software backdoors in their networks, giving themselves a portal to collect information. The operation is linked to an advanced persistent threat group known as APT41, which private security firms have tied to the Chinese government. U.S. indictments unsealed Wednesday alleged that the activity is tied to China’s Ministry of State Security (MSS), a civilian intelligence agency. The suspects are alleged to have targeted software development companies, computer hardware manufacturers, telecommunications entities, social media companies, as well as non-profit organizations, universities and think tanks. They are also accused of targeting foreign governments, and pro-democracy politicians and activists in Hong Kong. Prosecutors say the hackers […]

The post Five Chinese nationals, two Malaysians charged in connection with global hacking campaign appeared first on CyberScoop.


Chinese hacking groups are bullying telecoms as 2020 goes on, CrowdStrike says

Six suspected Chinese hacking groups have zeroed in on entities in the telecommunications sector in the first half of this year, according to CrowdStrike research published Tuesday. While CrowdStrike did not identify the groups by name, attackers have likely been running their hacking operations in an effort to steal sensitive data about targets, or to conduct intellectual property theft, researchers at the threat intelligence firm determined. The telecommunications sector was among the top most-targeted sectors in the first half of 2020, the company said, alluding to behavior that aligns with previous espionage patterns from hackers with suspected ties to Beijing. Publication of the report coincides with a fresh warning from the U.S. Department of Homeland Security that a Chinese intelligence agency is exploiting known software flaws to gather information from U.S. federal agencies, and amid an ongoing U.S. government effort to safeguard research into a COVID-19 vaccine, which Chinese hackers are alleged to have […]

The post Chinese hacking groups are bullying telecoms as 2020 goes on, CrowdStrike says appeared first on CyberScoop.


Chinese Hackers Exploit Cisco, Citrix Flaws in Massive Espionage Campaign

Researchers say that APT41’s exploits are part of one of the broadest espionage campaigns they’ve seen from a Chinese-linked actor “in recent years.”

Chinese hackers hit Citrix, Cisco vulnerabilities in sweeping campaign

Earlier this year, state-backed Chinese hackers embarked on one of the most sweeping Chinese espionage campaigns FireEye has seen in years, according to new research the security firm published Wednesday. The campaign, which lasted between January 20 and March 11, targeted 75 organizations spanning nearly every economic sector: telecommunications, healthcare, government, defense, finance, petrochemical, manufacturing, and transportation. The campaign, believed to be run by APT41, targeted nonprofit, legal, real estate, travel, education, and media organizations as well. “This activity is one of the most widespread campaigns we have seen from China-nexus espionage actors in recent years,” researchers Christopher Glyer, Dan Perez, Sarah Jones, and Steve Miller said. “While APT41 has previously conducted activity with an extensive initial entry … this scanning and exploitation has focused on a subset of our customers, and seems to reveal a high operational tempo and wide collection requirements for APT41.” APT41 zeroed in on victims […]

The post Chinese hackers hit Citrix, Cisco vulnerabilities in sweeping campaign appeared first on CyberScoop.


China-Linked Hackers Spy on Texts With MessageTap Malware

Chinese state-sponsored hackers are attacking telecom networks to sniff out SMS messages that contain keywords revolving around political dissidents.

A Chinese hacking group breached a telecom to monitor targets’ texts, phone metadata

Chinese government-linked hackers are monitoring mobile text messages of specific users, and for certain keywords as part of a new surveillance campaign meant to track individuals in a vast trove of telecommunication data, according to findings published Thursday. APT41, a group that carries out state-sponsored cyber-espionage on Beijing’s behalf, this summer compromised an unnamed telecommunications provider to monitor the messaging activity of high-ranking individuals of interest to the Chinese government, according to FireEye. Chinese hackers primarily have been scanning for military or intelligence keywords, tracking how subjects are reacting to protests, such as those in Hong Kong, and analyzing victims’ opinions of world leaders, Steve Stone, advanced practices director at FireEye, told CyberScoop. During the same intrusions into the unnamed phone company, APT41 also sought individuals’ records from call detail record (CDR) databases, which provide metadata such as the time the calls were made, the phone numbers involved, and the length of the […]

The post A Chinese hacking group breached a telecom to monitor targets’ texts, phone metadata appeared first on CyberScoop.
