Security News > 2021 > July > China-Linked APT31 Abuses Hacked Routers in Attacks, France Warns
The French National Agency for the Security of Information Systems on Wednesday issued an alert to warn organizations that a threat group tracked as APT31 has been abusing compromised routers in its recent attacks.
The agency has shared indicators of compromise to help organizations detect potential attacks.
"It appears from our investigations that the threat actor uses a network of compromised home routers as operational relay boxes in order to perform stealth reconnaissance as well as attacks," ANSSI said.
APT31 is also known as Zirconium, Judgment Panda and Red Keres, and its activities were previously linked to the Chinese government.
APT31 is one of the three threat groups that the UK government officially attributed to China this week when Five Eyes countries, the European Union, NATO, and Japan officially attributed Microsoft Exchange server attacks to hackers affiliated with the Chinese government.
The UK said APT31 had targeted government entities, political figures, contractors and service providers in European countries, including Finland's parliament last year.
News URL
Related news
- China Surveillance Company Hacked (source)
- Russian hackers hijack Ubiquiti routers to launch stealthy attacks (source)
- Hacked WordPress Sites Abusing Visitors' Browsers for Distributed Brute-Force Attacks (source)
- Possible China link to Change Healthcare ransomware attack (source)
- Roku warns 576,000 accounts hacked in new credential stuffing attacks (source)