Chinese Hacker Pwns 81K Sophos Devices With Zero-Day Bug

December 11, 2024 at 05:52PM

The US government has charged Chinese national Guan Tianfeng for allegedly hacking 81,000 Sophos firewall devices in 2020 using a severe zero-day vulnerability (CVE-2020-12271). An arrest warrant has been issued, and a $10 million reward is offered for information about him and his operations in China.

### Key Takeaways:

1. **Charges Filed**: The US government has charged Guan Tianfeng, a Chinese national, in connection with a significant cyberattack on Sophos firewall devices globally, impacting around 81,000 devices in 2020.

2. **Nature of the Charges**: Tianfeng faces charges of conspiracy to commit computer fraud and conspiracy to commit wire fraud. He is also accused of developing a zero-day vulnerability exploited in the attack.

3. **Zero-Day Vulnerability Details**: The vulnerability, identified as CVE-2020-12271, has a CVSS score of 9.8 and is classified as a critical SQL injection flaw, potentially allowing remote code execution (RCE).

4. **Arrest Warrant Issued**: A federal arrest warrant for Tianfeng has been issued by the US District Court in Indiana. He is believed to be residing in Sichuan Province, China.

5. **Reward Offered**: The Rewards for Justice Program is offering up to $10 million for information leading to Tianfeng’s capture, details about the Sichuan Silence Technology Company Ltd., and other individuals associated with the malicious activities.

6. **Official Statement**: Assistant Attorney General for National Security, Matthew Olsen, emphasized the serious nature of the attacks on global cybersecurity and the DOJ’s commitment to holding accountable those involved in such activities.

7. **Reporting Tips**: Information can be submitted to the FBI through various secure communication channels including WhatsApp, Signal, and Telegram, or via the FBI’s official tips website.
