Did Chinese Hackers Just Do A Drive By On Several State Department…

According to a report released Tuesday by a private cybersecurity firm, hackers working for the Chinese government broke into the computer networks of at least six U.S. state governments between May 2021 and February this year.

According to NBC:

The group, known as APT41, allegedly exploited vulnerabilities in web applications to get their initial foothold into state government networks, Mandiant said.

APT41, which Mandiant claims carries out state-sponsored espionage on behalf of Beijing, took advantage of software flaws and quickly exploited security vulnerabilities that were made public by researchers. The hackers also adapted their tools to attack via different methods, it said.

“APT41’s recent activity against U.S. state governments consists of significant new capabilities, from new attack vectors to post-compromise tools and techniques,” the researchers said.

“APT41 can quickly adapt their initial access techniques by re-compromising an environment through a different vector, or by rapidly operationalizing a fresh vulnerability.”

Mandiant, the company behind Tuesday’s research, is a Nasdaq-listed cybersecurity firm based in the U.S. On Tuesday, Google said that it plans to acquire the company for around $5.4 billion.

Forbes reported that hackers associated with China were also recently identified in Europe:

Google reported on Monday that a Chinese group called Mustang Panda targeted European entities with lures related to Russia’s invasion of Ukraine. The company’s Threat Analysis Group (TAG) spotted phishing emails with malicious attached files with names such as ‘Situation at the EU borders with Ukraine.zip’.

“Contained within the zip file is an executable of the same name that is a basic downloader and when executed, downloads several additional files that load the final payload. To mitigate harm, TAG alerted relevant authorities of its findings,” Google wrote, adding: “Targeting of European organizations has represented a shift from Mustang Panda’s regularly observed Southeast Asian targets.”

Geoff Ackerman, a principal threat analyst at Reston, Virginia-based Mandiant Inc., said, “While the ongoing crisis in Ukraine has rightfully captured the world’s attention and the potential for Russian cyber threats are real, we must remember that other major threat actors around the world are continuing their operations as-usual.”

“We cannot allow other cyber activity to fall to the wayside, especially given our observations that this campaign from APT41, one of the most prolific threat actors around, continues to this day,” Ackerman added in his statement.

There have been many occasions on which the Chinese tried to hack both the US and Europe.

In fact, in April 2021, China reportedly hacked the US government and companies in the US remotely.

Sources: Thegatewaypundit, Msn, Gizmodo
