Mix
Chinese hackers allegedly infiltrated a company’s VPN technology to break into US defense computer networks, security advisor Mandiant said Tuesday.
Mandiant linked at least two hacking groups, one of which is considered an official Chinese cyber espionage operation, with malware used to exploit vulnerabilities in VPN security devices by Pulse Secure, a Utah-based company, Ivanti.
The group used the malware to attempt to hijack user and administrator identities and break into the systems of U.S. defense companies between October 2020 and March 2021, Mandiant said.
It was said that governments and financial corporations in the US and Europe were also targeted.
One of the hacking groups named it UNC2630.
“We suspect that UNC2630 is operating on behalf of the Chinese government and may have ties to APT5,” it said, referring to a well-known state-sponsored Chinese hacking group.
It was said that a “trusted third party” tied the hacking to APT5 as well.
“APT5 persistently aims for a high value …

This data comes from MediaIntel.Asia's Media Intelligence and Media Monitoring Platform.