Chinese Hacking Group APT41 Infiltrates Global Shipping and Tech Sectors, Mandiant Warns

Chinese government-backed hacking team caught breaking into organizations in shipping, logistics and automotive sectors in Europe and Asia.
The post Chinese Hacking Group APT41 Infiltrates Global Shipping and Tech Sectors, Mandiant Warns appeared first… Continue reading Chinese Hacking Group APT41 Infiltrates Global Shipping and Tech Sectors, Mandiant Warns

SAS 2021: Learning to ChaCha with APT41

John Southworth gives insights about APT41 and the malware used by the threat actor – the Motnug loader and its descendant, the ChaCha loader; also, shares some thoughts on the actor’s attribution and the payload, including the infamous CobaltStrike. Continue reading SAS 2021: Learning to ChaCha with APT41

Espionage group targeted hotels, governments, seized on Microsoft Exchange vulnerability

ESET said it discovered the group, which has been active since 2019.

The post Espionage group targeted hotels, governments, seized on Microsoft Exchange vulnerability appeared first on CyberScoop.

Continue reading Espionage group targeted hotels, governments, seized on Microsoft Exchange vulnerability

Suspected Chinese hackers return with unusual attacks on domestic gambling companies

It’s rare for Chinese hackers to turn their gaze inward on domestic companies. But a well-known group appears to have been targeting online gambling firms in China with new malware. The malware, which Trend Micro dubbed BIOPASS RAT, goes after Chinese gambling companies with a watering hole attack, where hackers try to infect websites commonly used by its targets. “Notably, a large number of features were implemented to target and steal the private data of popular web browsers and instant messengers that are primarily used in Mainland China,” Trend Micro said in a report on Friday. Digital clues that Trend Micro identified point to the Chinese hacking outfit the Winnti Group as a culprit. Its activity overlaps with that of the Chinese government hackers known as APT41, such that it’s sometimes mentioned as a second name for the group. That’s a joint cybercrime and espionage organization of hackers whose goals […]

The post Suspected Chinese hackers return with unusual attacks on domestic gambling companies appeared first on CyberScoop.

Continue reading Suspected Chinese hackers return with unusual attacks on domestic gambling companies

At least 10 APT hacking groups have exploited Exchange Server bugs, ESET warns

Critical vulnerabilities in Microsoft software have turned into a feeding frenzy for state-linked hackers. At least 10 such hacking groups have exploited the flaws in the Exchange Server email program in recent days in operations around the world, anti-virus firm ESET said Wednesday. Many of the groups have well-documented links to China. The surge in hacking suggests multiple sets of espionage groups had access to the software exploit before Microsoft released fixes for it on March 2. It also compounds the challenges facing incident responders who are rushing to deal with the breaches, and bracing for additional exploitation of the bugs by criminal hackers. “It is still unclear how the distribution of the exploit happened, but it is inevitable that more and more threat actors, including ransomware operators, will have access to it sooner or later,” ESET researchers wrote in a blog post Wednesday. The intrusions by advanced persistent threat […]

The post At least 10 APT hacking groups have exploited Exchange Server bugs, ESET warns appeared first on CyberScoop.

Continue reading At least 10 APT hacking groups have exploited Exchange Server bugs, ESET warns

At least 10 APT hacking groups have exploited Exchange Server bugs, ESET warns

Critical vulnerabilities in Microsoft software have turned into a feeding frenzy for state-linked hackers. At least 10 such hacking groups have exploited the flaws in the Exchange Server email program in recent days in operations around the world, anti-virus firm ESET said Wednesday. Many of the groups have well-documented links to China. The surge in hacking suggests multiple sets of espionage groups had access to the software exploit before Microsoft released fixes for it on March 2. It also compounds the challenges facing incident responders who are rushing to deal with the breaches, and bracing for additional exploitation of the bugs by criminal hackers. “It is still unclear how the distribution of the exploit happened, but it is inevitable that more and more threat actors, including ransomware operators, will have access to it sooner or later,” ESET researchers wrote in a blog post Wednesday. The intrusions by advanced persistent threat […]

The post At least 10 APT hacking groups have exploited Exchange Server bugs, ESET warns appeared first on CyberScoop.

Continue reading At least 10 APT hacking groups have exploited Exchange Server bugs, ESET warns

Major Gaming Companies Hit with Ransomware Linked to APT27

Researchers say a recent attack targeting videogaming developers has ‘strong links’ to the infamous APT27 threat group. Continue reading Major Gaming Companies Hit with Ransomware Linked to APT27

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

The U.S. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm. Continue reading Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Taiwan accuses Chinese hackers of aggressive attacks on government agencies

The Taiwanese government on Wednesday accused Chinese government-linked hackers of targeting 10 Taiwanese government agencies and 6,000 email accounts of officials in an escalation of Beijing’s long-running espionage on the island. Over the course of two years, Chinese hackers have infiltrated a variety of Taiwanese government offices in an effort to steal sensitive documents, Liu Chia-zung, an official in the Taiwan Investigation Bureau’s Cyber Security Investigation Office, said at a press conference. Liu conceded that with the breach of key IT infrastructure, at least some data may have been exposed. It is only the latest in a wave of suspected Chinese hacking campaigns to hit Taiwan, which China considers its territory. The Taiwanese semiconductor industry, a centerpiece of the global supply chain for smartphones, has also come under sustained assault from hackers that appear to be based in China, private researchers said earlier this month. And in May, Taiwan suggested that a broad […]

The post Taiwan accuses Chinese hackers of aggressive attacks on government agencies appeared first on CyberScoop.

Continue reading Taiwan accuses Chinese hackers of aggressive attacks on government agencies