Skip to main content

Chinese hacking groups target US and European governments

posted onMarch 8, 2022
by l33tdawg
Silicon Angle
Credit: Silicon Angle

Three separate Chinese state-sponsored advanced persistent threat groups have been observed targeting victims, including U.S. state governments, European diplomatic entities and Gmail accounts linked to the U.S. government.

The first group, APT41, also known as Wicked Panda and Winti, is believed by researchers at Mandiant Inc. to have successfully compromised at least six U.S. state government networks. The APT did so by exploiting vulnerable internet-facing web applications, including using zero-day vulnerabilities in the USAHerds application and Apache Log4j.

The campaign by APT41 ran between May 2021 and February 2022. While Chinese state-sponsored actors targeting networks in the west is not new, the researchers note that one remarkable aspect is how quickly they act to exploit vulnerabilities when they become known. In the case of the now-infamous Log4j vulnerability, the Chinese hackers were exploiting the vulnerability within hours of it being disclosed. The exploitation of the initial Log4j vulnerability – there ended up being multiple vulnerabilities, directly led to the compromise of two U.S. state government networks as well as other targets in insurance and telecoms.

Source

Tags

Security

You May Also Like

Recent News

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th

Thursday, June 6th