Security News > 2020 > November > Chinese Hackers Target Japanese Organizations in Large-Scale Campaign

Chinese Hackers Target Japanese Organizations in Large-Scale Campaign
2020-11-19 19:28

China-linked threat actor APT10 was observed launching a large-scale campaign against Japanese organizations and their subsidiaries.

The attacks mainly focused on South and East Asia, with one victim being a Chinese subsidiary of a Japanese organization, an atypical target for a state-sponsored Chinese group.

As part of the attacks, the hackers used living-off-the-land, dual-use, and publicly available tools and techniques for network reconnaissance, credential theft, file archiving, and more, including Certutil, Adfind, Csvde, Ntdsutil, WMIExec, and PowerShell.

"The scale and sophistication of this attack campaign indicate that it is the work of a large and well-resourced group, such as a nation-state actor, with Symantec discovering enough evidence to attribute it with medium confidence to Cicada," Symantec notes.

"Among the most prominent threats on the darknet, KELA observed leaks and sales of Japanese entities' data. While many offers are related to regular users, some actors are specifically looking for corporate data of Japanese organizations," KELA notes.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/liy3q2XfDvE/chinese-hackers-target-japanese-organizations-large-scale-campaign