Since early this year, a known APT group of Chinese origin has been targeting military industrial complex enterprises and public institutions in Ukraine, Russia and Belarus, as well as in other parts of the world like Afghanistan. The group, tracked in the past as TA428, has an interesting approach where it deploys up to six different backdoors on compromised targets, likely to achieve persistence and redundancy.
The targets included industrial plants, design bureaus, research institutes, and government ministries, agencies, and departments, according to researchers from antivirus vendor Kaspersky Lab, which investigated the attack campaign.
“The attackers were able to penetrate dozens of enterprises and even hijack the IT infrastructure of some, taking control of systems used to manage security solutions,” the researchers said in a report. “An analysis of information obtained while investigating the incidents indicates that cyberespionage was the goal of this series of attacks.”
More Stories
The AI Fix #30: ChatGPT reveals the devastating truth about Santa (Merry Christmas!)
In episode 30 of The AI Fix, AIs are caught lying to avoid being turned off, Appleās AI flubs a...
US and Japan Blame North Korea for $308m Crypto Heist
A joint US-Japan alert attributed North Korean hackers with a May 2024 crypto heist worth $308m from Japan-based company DMM...
Spyware Maker NSO Group Found Liable for Hacking WhatsApp
A judge has found that NSO Group, maker of the Pegasus spyware, has violated the US Computer Fraud and Abuse...
Spyware Maker NSO Group Liable for WhatsApp User Hacks
A US judge has ruled in favor of WhatsApp in a long-running case against commercial spyware-maker NSO Group Read More
Major Biometric Data Farming Operation Uncovered
Researchers at iProov have discovered a dark web group compiling identity documents and biometric data to bypass KYC checks Read...
Ransomware Attack Exposes Data of 5.6 Million Ascension Patients
US healthcare giant Ascension revealed that 5.6 million individuals have had their personal, medical and financial information breached in a...