#ChineseHacking

White House Says at Least 8 US Telecom Firms, Dozens of Nations Impacted by China Hacking Campaign

December 5, 2024 by Xynik

December 5, 2024 at 06:03AM A White House official revealed that a Chinese hacking campaign has impacted at least eight U.S. telecom firms and multiple nations, targeting private communications of Americans, including officials. While no classified information was compromised, ongoing cybersecurity risks remain. The Chinese embassy denies involvement, urging the U.S. to stop its cyberattacks. … Read more

T-Mobile US ‘monitoring’ China’s ‘industry-wide attack’ amid fresh security breach fears

November 18, 2024 by Xynik

November 18, 2024 at 03:48PM T-Mobile US is monitoring an industry-wide cyber-espionage campaign believed to be conducted by Chinese government-backed hackers. Though the company has not confirmed being compromised, it stated there were no significant impacts or evidence of data theft. The FBI recently reported similar breaches across multiple telecoms. **Meeting Takeaways:** 1. **Cyber-Espionage Campaign … Read more

Chinese Spies Built Massive Botnet of IoT Devices to Target US, Taiwan Military

September 18, 2024 by Xynik

September 18, 2024 at 01:09PM Lumen Technologies researchers have identified a large-scale botnet, Raptor Train, controlled by a Chinese state-sponsored espionage group known as Flax Typhoon. The botnet targets US and Taiwanese organizations in critical sectors using IoT devices and has a robust command and control infrastructure. The botnet has been used for extensive scanning … Read more

New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm

September 5, 2024 by Xynik

September 5, 2024 at 02:15AM Earth Lusca, a Chinese-speaking threat actor, has been observed deploying a new backdoor named KTLVdoor in a cyber attack targeting an unnamed trading company in China. The malware is written in Golang and masquerades as system utilities, with over 50 command-and-control servers identified. Its use by other Chinese threat actors … Read more

Chinese Hackers Have Stepped Up Attacks on Taiwanese Organizations, Cybersecurity Firm Says

June 24, 2024 by Xynik

June 24, 2024 at 03:18PM A Chinese state-sponsored hacking group known as RedJuliett has intensified attacks on Taiwanese organizations, particularly in government, education, technology, and diplomacy sectors. They exploited a vulnerability in SoftEther VPN software to access servers. The group’s activities align with Chinese state-sponsored hacking patterns. Recorded Future expects continued targeting of Taiwanese agencies, … Read more

In Other News: Airline Privacy Review, SEC’s SolarWinds Hack Probe, Apple MFA Bombing

March 29, 2024 by Xynik

March 29, 2024 at 10:36AM Summary: SecurityWeek’s roundup compiles this week’s cybersecurity stories, including US airlines facing privacy reviews, HHS cyberattack investigation, analysis of phishing kits like Tycoon and Darcula, MFA bombing attacks on Apple users, continued investigation into Chinese hacking of Finland’s parliament, and revelations about abandoned WordPress plugins. Other topics include the SEC’s … Read more

China’s Dogged Campaign to Portray Itself as Victim of US Hacking

February 12, 2024 by Xynik

February 12, 2024 at 06:09AM China has been accused of attempting to frame the US for cyber espionage, but a recent report from SentinelOne found most claims to be unsubstantiated. China seeks to shift global opinion on its hacking activities, but their reports lack technical evidence. Additionally, China has been coordinating a disinformation campaign to … Read more

China-Linked Volt Typhoon Hackers Possibly Targeting Australian, UK Governments

January 11, 2024 by Xynik

January 11, 2024 at 10:41AM Chinese state-sponsored hackers are targeting government entities in the US, UK, and Australia by exploiting old vulnerabilities in Cisco routers, reports SecurityScorecard. The actors likely compromised one-third of observed vulnerable devices and may operate a much larger botnet than previously believed, as indicated by connections to government sites. The attacks … Read more

A New, Spookier Gh0st RAT Malware Haunts Global Cyber Targets

November 30, 2023 by Xynik

November 30, 2023 at 04:08PM A modified “Gh0st RAT” malware, called “SugarGh0st,” has been targeting South Koreans and Uzbekistan’s Ministry of Foreign Affairs. Distributed via phishing with decoy documents, the updated malware evades detection and allows remote access, data theft, and system manipulation. Originating from March 2008, Gh0st RAT remains effective due to its adaptability … Read more

Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations

November 13, 2023 by Xynik

November 13, 2023 at 01:06AM Chinese hacking groups have been found targeting 24 Cambodian government organizations in a long-term espionage campaign. The cyber activity is believed to align with China’s geopolitical goals and involves leveraging strong relations with Cambodia to expand naval operations in the region. The groups have been using fake cloud backup and … Read more