Sunday, March 13, 2022

New hacking activities by APT41 (China)

APT41 spies broke into 6 US state networks via a livestock app. The China-affiliated state-sponsored threat actor used Log4j and zero-day bugs in the USAHerds animal-tracking software to hack into multiple government networks.

In a report published by Mandiant on Tuesday, researchers described a prolonged incursion conducted by APT41. They detected the activity in May 2021 and tracked it through last month, February 2022, observing the spy group pry open vulnerable, internet-facing web apps that were often written in ASP.NET.

APT41 – aka Winnti, Barium, Wicked Panda, or Wicked Spider – is an advanced persistent threat (APT) actor known for nation-state-backed cyber espionage, supply-chain hits, and profit-driven cybercrime.

Back in 2020, the DoJ indicted five Chinese nationals linked to APT41 for allegedly hacking into more than 100 companies in the U.S. and abroad, including social-media firms, universities, and telecoms.

https://www.mandiant.com/resources/apt41-us-state-governments
