Source: www.databreachtoday.com – Author: 1
Cyberwarfare / Nation-State Attacks
,
Fraud Management & Cybercrime
,
Network Firewalls, Network Access Control
BlackTech Exploits Trusted Relationship Between Outpost and Parent Firm
Akshaya Asokan (asokan_akshaya) •
September 27, 2023
A Chinese hacking group linked to state authorities in Beijing has upgraded its espionage capabilities to target companies with headquarters in the United States and East Asia, warned an alert from Japanese and American cyber agencies.
See Also: Live Webinar | Cyber Resilience: Recovering from a Ransomware Attack
The latest campaign from BlackTech has targeted networks of regional subsidiaries across government, industrial, technology and defense industrial base sectors. BlackTech, active since 2010, is also tracked as Circuit Panda, Palmerworm and Temp.Overboard. The group has stolen intellectual property from Taiwanese technology firms and occasionally has targeted companies in Japan and Hong Kong.
In its latest campaign, the group is looking for network devices, including routers, located at branch offices to compromise as a gateway into the larger corporate network, BendyBear, FakeDead – also known as TSCookie, and Flagpro. BlackTech also uses Windows utilities for its own ends – a technique known as “living off the land.”
Original Post url: https://www.databreachtoday.com/chinese-hackers-target-routers-in-ip-theft-campaign-a-23179
Category & Tags: –
Views: 0
