Security News > 2020 > November > Chinese APT10 hackers use Zerologon exploits against Japanese orgs

A Chinese state-sponsored hacking group has been observed while attempting to exploit the Windows Zerologon vulnerability in attacks against Japanese companies and subsidiaries from multiple industry sectors in 17 regions around the globe.
APT10 attackers were also observed using Zerologon exploits to steal domain credentials and take full control over the entire domain following successful exploitation of vulnerable devices.
Takeshi Osuga, Japan's Foreign Ministry press secretary, also said that "Japan has identified continuous attacks by the group known as APT10 to various domestic targets and expresses resolute condemnation of such attack."
Since June 2020, several other Japanese organizations also had their networks compromised, including but not limited to corporations, universities, and an undisclosed Japanese ministry.
To make matters even worse and to show the risks Japanese orgs from all sectors are facing, KELA also found data belonging to Japanese corporations, government, and educational entities either actively being shared on the dark web or at a high demand.
News URL
Related news
- Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks (source)
- Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells (source)
- Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores (source)
- SonicWall firewall exploit lets hackers hijack VPN sessions, patch now (source)
- North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack (source)
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- Hackers exploit authentication bypass in Palo Alto Networks PAN-OS (source)
- Chinese hackers abuse Microsoft APP-v tool to evade antivirus (source)