Chinese hackers
Belgium probes if Chinese hackers breached its intelligence service
The Belgian federal prosecutor’s office is investigating whether Chinese hackers were behind a breach of the country’s State Security Service (VSSE). Chinese state-backed attackers reportedly gained access to VSSE’s external email server between 2021 and May 2023, siphoning around 10% of all emails sent and received by the agency’s staff. The compromised server was only […]
Chinese hackers use custom malware to spy on US telecom networks
The Chinese state-sponsored Salt Typhoon hacking group uses a custom utility called JumbledPath to stealthily monitor network traffic and potentially capture sensitive data in cyberattacks on U.S. telecommunication providers. Salt Typhoon (aka Earth Estries, GhostEmperor, and UNC2286) is a sophisticated hacking group active since at least 2019, primarily focusing on breaching government entities and telecommunications companies. […]
US Treasury hack linked to Silk Typhoon Chinese state hackers
Chinese state-backed hackers, tracked as Silk Typhoon, have been linked to the U.S. Office of Foreign Assets Control (OFAC) hack in early December. Last month, GeekFeed reported that the Treasury disclosed a significant cybersecurity incident. The attackers used a stolen Remote Support SaaS API key to compromise a BeyondTrust instance used by the Treasury, allowing them to […]
Chinese hackers also breached Charter and Windstream networks
More U.S. companies have been added to the list of telecommunications firms hacked in a wave of breaches by a Chinese state-backed threat group tracked as Salt Typhoon. This comes after AT&T, Verizon, and Lumen confirmed on December 30 that they have evicted the hackers from their networks. After breaching their networks, the Salt Typhoon hackers gained access […]
White House: Salt Typhoon hacked telcos in dozens of countries
Chinese state hackers, known as Salt Typhoon, have breached telecommunications companies in dozens of countries, President Biden’s deputy national security adviser Anne Neuberger said today. During a Wednesday press briefing, the White House official told reporters that these breaches include a total of eight telecom firms in the United States, with only four previously known. […]
Chinese hackers exploit Fortinet VPN zero-day to steal credentials
Chinese threat actors use a custom post-exploitation toolkit named ‘DeepData’ to exploit a zero-day vulnerability in Fortinet’s FortiClient Windows VPN client that steal credentials. The zero-day allows the threat actors to dump the credentials from memory after the user authenticated with the VPN device Volexity researchers report that they discovered this flaw earlier this summer and […]