Massive, China-state-funded hack hits companies around the world, report says
Attacks are linked to Cicada, a group believed to be funded by the Chinese state. …
Researchers have uncovered a massive hacking campaign that’s using sophisticated tools and techniques to compromise the networks of companies around the world.
The hackers, most likely from a well-known group that’s funded by the Chinese government, are outfitted with both off-the-shelf and custom-made tools. One such tool exploits Zerologon, the name given to a Windows server vulnerability, patched in August, that can give attackers instant administrator privileges on vulnerable systems.
Symantec uses the code name Cicada for the group, which is widely believed to be funded by the Chinese government and also carries the monikers of APT10, Stone Panda, and Cloud Hopper from other research organizations. The group has been active in espionage-style hacking since at least 2009 and almost exclusively targets companies linked to Japan. While the companies targeted in the recent campaign are located in the United States and other countries, all of them have links to Japan or Japanese companies.
On the lookout
“Japan-linked organizations need to be on alert as it is clear they are a key target of this sophisticated and well-resourced group, with the automotive industry seemingly a key target in this attack campaign,” researchers from security firm Symantec wrote in a report. “However, with the wide range of industries targeted by these attacks, Japanese organizations in all sectors need to be aware that they are at risk of this kind of activity.”
The attacks make extensive use of DLL side-loading, a technique that occurs when attackers replace a