Security News > 2022 > February > Hackers Backdoored Systems at China's National Games Just Before Competition

Systems hosting content pertaining to the National Games of China were successfully breached last year by an unnamed Chinese-language-speaking hacking group.

Cybersecurity firm Avast, which dissected the intrusion, said that the attackers gained access to a web server 12 days prior to the start of the event on September 3 to drop multiple reverse web shells for remote access and achieve permanent foothold in the network.

Attempts were made to reconfigure the server to execute the Behinder web shell, failing which the operators "Uploaded and ran an entire Tomcat server properly configured and weaponized" with the post-exploitation tool.

"After gaining access, the attackers tried to move through the network using exploits and bruteforcing services in an automated way," Avast researchers David Álvarez Pérez and Jan Neduchal said.

"Go is a programming language becoming more and more popular which can be compiled for multiple operating systems and architectures, in a single binary self-containing all dependencies," the researchers said, calling out the increasing use of Go-based malware to conduct cyber attacks.

"So we expect to see malware and grey tools written in this language in future attacks, especially in attacks where a broad variety of devices leveraging different kinds of processor architectures are involved."

News URL

https://thehackernews.com/2022/02/hackers-backdoored-systems-at-chinas.html