
Chinese digital spying is becoming more aggressive, researchers say

FireEye traced malicious activity to Chinese government contractors.
Marc DeAngelis
03.25.20

FireEye, a US cybersecurity firm, says that it has seen a concerning spike in activity from what appears to be a Chinese hacking group called APT41. The attacks are being deployed against companies in the US, Canada, the UK and several other countries, which departs from Chinese hackers' typical strategy of focusing on a few particular targets. According to FireEye's report, the group is exploiting software flaws in applications and hardware developed by Cisco, Citrix and others to gain access to target companies' networks and download files via FTP, among other strategies. According to the firm, the attacks began on January 20th, dipped during the Chinese New Year celebrations and COVID-19 quarantine measures, and are now back at full scale, affecting 75 of FireEye's customers.

Cisco and Citrix both told Reuters that they have patched the vulnerabilities that were being exploited by APT41. Citrix is also coordinating with FireEye to find "potential compromises." Reuters reached out to Dell Technologies' cybersecurity arm, Secureworks, which stated that the company has also seen increased activity from Chinese hackers "over the last few weeks."

Chinese government contractors carrying out cyber attacks is nothing new, but the scope of these current initiatives is concerning. Companies in about 20 countries are being targeted, and APT41 is carrying out subsequent attacks frequently: "This activity is one of the most widespread campaigns we have seen from China-nexus espionage actors in recent years," says FireEye. "This new activity from this group shows how resourceful and how quickly they can leverage newly disclosed vulnerabilities to their advantage." Whether the attackers are purposely taking advantage of a reduced cybersecurity workforce during the coronavirus pandemic or the timing is just a coincidence remains to be determined.
