Subj : Chinese hackers launch ma
To : All
From : Mike Powell
Date : Wed Jun 11 2025 07:29 am
Chinese hackers launch major cyberattack campaign against businesses across
the world
Date:
Tue, 10 Jun 2025 15:00:35 +0000
Description:
More than 75 organizations targeted since June 2024 as China prepares for
conflict, researchers claim.
FULL STORY
Chinese hackers have been targeting companies across the world for roughly a
year now, and have managed to compromise at least 75 organizations - although
the actual number of victims could be a lot bigger.
Cybersecurity researchers at SentinelLABS were alerted to the campaign after
their own infrastructure was targeted, and in an analysis, explained that
after spotting this failed breach attempt, they started looking for more
victims, tried to identify the attackers, and set out to determine when the
campaign started.
They concluded that the earliest evidence of the campaign was in June 2024,
which means that the attacks were going on for approximately a year.
Preparing for war
They attributed the attacks to three China-linked threat actor collectives:
APT15 (AKA Ke3Chang or Nylon Typhoon), UNC5174, and APT41.
The first is known for targeting telcos, IT services, and government
sectors, and UNC5174 is known to have ties to China's Ministry of State
Security.
Apparently, it has been involved in global espionage and resale campaigns in
the past, as well. Finally, APT41 was previously seen using ShadowPad - a
piece of malware spotted in these attacks, as well.
The cyberespionage campaign targeted a wide range of victims, including an IT
services and logistics company that manages hardware needs for SentinelOne
employees, a leading European media organization (targeted for intelligence
gathering, apparently), and a South Asian government entity providing IT
services and infrastructure across multiple sectors.
SentinelLABS says most of the victims are operating in manufacturing,
government, finance, telecommunications, and research sectors - all
essential, critical infrastructure organizations.
This led the researchers to conclude that the attackers were most likely
positioning for potential conflict, either cyber-related, or military.
"They might be going after government organizations for more direct
espionage," SentinelOne threat researcher Tom Hegel told The Register.
"And then major global media organizations - maybe it's silencing certain
topics or disrupting them for reporting on certain things. If they are
sitting on their adversaries' networks - media organizations, or government
entities or their defense companies - they are able to flip a switch if
conflict were to occur."
======================================================================
Link to news story:
https://www.techradar.com/pro/security/chinese-hackers-launch-major-cyberattack-campaign-against-businesses-across-the-world
--- SBBSecho 3.20-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)