Chinese hackers have hacked into VPNs made by an American company by infiltrating the digital networks of US security companies, IT security adviser Mandiant announced Tuesday.
Mandiant’s report linked at least two groups of hackers, one of which is considered close to the Chinese regime, with malicious software that exploited vulnerabilities in VPNs (systems that allow a secure connection to be established) made by Pulse Secure, a company owned by Ivanti Group.
The document states that from October 2020 to March 2021, hackers used malware to steal the identities of VPN users and hack into the computer systems of prosecution groups.
Governments and financial institutions in Europe and the United States were also targeted, according to Mandiant. It identified one of the groups as UNC2630.
“UNC2630 operates on behalf of the Chinese government and we suspect that there may be ties with APT5,” a group of hackers linked to the Beijing authorities, the report said.
The report also said that “trusted third parties” had linked APT5 to the hack.
“APT5 continues to attack high-value group networks” and “its preferred targets appear to be companies in the aeronautics and defense sectors located in the United States, Europe and Asia,” Mandiant said. It did not specify how many companies were affected.
Pulse Secure confirmed most of Mandiant’s report and said that it has already provided its customers with solutions to prevent the malicious software.
The VPN manufacturer said the attack affected “a certain number of customers.”
Similar attacks by hackers had already been recorded in the United States earlier, as in the case of Microsoft, which warned in March this year that Chinese hackers could access users’ emails.
With the support of the Xi Jinping regime, hackers sought to steal information in a variety of fields, including epidemiological research, law firms, higher education, security contractors, and voluntary organizations.
Microsoft said that a “highly skilled and sophisticated” group of hackers operating from China and funded by a government attempts to steal information from various US targets, including universities, security contractors, law firms and epidemiologists.
In a post on the company’s official blog, Tom Burt, its corporate vice president of security and user trust, pointed out that hackers took advantage of four previously unknown computer vulnerabilities.
Through system flaws that the hackers were able to identify, they reached the server, from which they were able to steal information such as email accounts and contacts while installing malware.
That same month, a group of hackers backed by the Chinese regime attacked the systems of two Indian vaccine manufacturers whose coronavirus vaccines were being used in the country’s immunization campaign, according to information from the cyber intelligence agency Cyfirma that Reuters was able to access.
(With information from Europa Press and Reuters)