Security News > 2020 > November > Chinese Hackers Target Japanese Organizations in Large-Scale Campaign
China-linked threat actor APT10 was observed launching a large-scale campaign against Japanese organizations and their subsidiaries.
The attacks mainly focused on South and East Asia, with one victim being a Chinese subsidiary of a Japanese organization, an atypical target for a state-sponsored Chinese group.
As part of the attacks, the hackers used living-off-the-land, dual-use, and publicly available tools and techniques for network reconnaissance, credential theft, file archiving, and more, including Certutil, Adfind, Csvde, Ntdsutil, WMIExec, and PowerShell.
"The scale and sophistication of this attack campaign indicate that it is the work of a large and well-resourced group, such as a nation-state actor, with Symantec discovering enough evidence to attribute it with medium confidence to Cicada," Symantec notes.
"Among the most prominent threats on the darknet, KELA observed leaks and sales of Japanese entities' data. While many offers are related to regular users, some actors are specifically looking for corporate data of Japanese organizations," KELA notes.
News URL
Related news
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks (source)
- Chinese hackers abuse Microsoft APP-v tool to evade antivirus (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- Belgium probes if Chinese hackers breached its intelligence service (source)
- Belgium probes if Chinese hackers breached its intelligence service (source)
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits (source)
- Chinese Weaver Ant hackers spied on telco network for 4 years (source)
- Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps (source)