Security News > 2021 > July > China-Linked APT31 Abuses Hacked Routers in Attacks, France Warns
The French National Agency for the Security of Information Systems on Wednesday issued an alert to warn organizations that a threat group tracked as APT31 has been abusing compromised routers in its recent attacks.
The agency has shared indicators of compromise to help organizations detect potential attacks.
"It appears from our investigations that the threat actor uses a network of compromised home routers as operational relay boxes in order to perform stealth reconnaissance as well as attacks," ANSSI said.
APT31 is also known as Zirconium, Judgment Panda and Red Keres, and its activities were previously linked to the Chinese government.
APT31 is one of the three threat groups that the UK government officially attributed to China this week when Five Eyes countries, the European Union, NATO, and Japan officially attributed Microsoft Exchange server attacks to hackers affiliated with the Chinese government.
The UK said APT31 had targeted government entities, political figures, contractors and service providers in European countries, including Finland's parliament last year.
News URL
Related news
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- China's Volt Typhoon reportedly breached Singtel in 'test-run' for US telecom attacks (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign (source)
- Japan warns of IO-Data zero-day router flaws exploited in attacks (source)
- OpenWrt orders router firmware updates after supply chain attack scare (source)
- Update your OpenWrt router! Security issue made supply chain attack possible (source)