• Chinese hackers launch ma

    From Mike Powell@1:2320/105 to All on Wednesday, June 11, 2025 07:29:00
    Chinese hackers launch major cyberattack campaign against businesses across the world

    Date:
    Tue, 10 Jun 2025 15:00:35 +0000

    Description:
    More than 75 organizations targeted since June 2024 as China prepares for conflict, researchers claim.

    FULL STORY

    Chinese hackers have been targeting companies across the world for roughly a year now, and have managed to compromise at least 75 organizations - although the actual number of victims could be a lot bigger.

    Cybersecurity researchers at SentinelLABS were alerted to the campaign after their own infrastructure was targeted, and in an analysis, explained that after spotting this failed breach attempt, they started looking for more victims, tried to identify the attackers, and set out to determine when the campaign started.

    They concluded that the earliest evidence of the campaign was in June 2024, which means that the attacks were going on for approximately a year.

    Preparing for war

    They attributed the attacks to three China-linked threat actor collectives: APT15 (AKA Ke3Chang or Nylon Typhoon), UNC5174, and APT41.

    The first is known for targeting telcos, IT services, and government sectors, and UNC5174 is known to have ties to China's Ministry of State Security.

    Apparently, it has been involved in global espionage and resale campaigns in the past, as well. Finally, APT41 was previously seen using ShadowPad - a piece of malware spotted in these attacks, as well.

    The cyberespionage campaign targeted a wide range of victims, including an IT services and logistics company that manages hardware needs for SentinelOne employees, a leading European media organization (targeted for intelligence gathering, apparently), and a South Asian government entity providing IT services and infrastructure across multiple sectors.

    SentinelLABS says most of the victims are operating in manufacturing, government, finance, telecommunications, and research sectors - all essential, critical infrastructure organizations.

    This led the researchers to conclude that the attackers were most likely positioning for potential conflict, either cyber-related, or military.

    "They might be going after government organizations for more direct espionage," SentinelOne threat researcher Tom Hegel told The Register.

    "And then major global media organizations - maybe it's silencing certain topics or disrupting them for reporting on certain things. If they are sitting on their adversaries' networks - media organizations, or government entities or their defense companies - they are able to flip a switch if conflict were to occur."

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/chinese-hackers-launch-major-cyberattack-campaign-against-businesses-across-the-world

    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)