Security News > 2022 > February > China's APT10 cyber-spies 'targeted Taiwanese financial firms'

State-sponsored attackers from China conducted a two-month campaign against Taiwanese financial services firms, according to CyCraft, a security consultancy from the island nation.

CyCraft's analysis of the incident alleges that the attack run started in November 2021, when the malicious actors - named as Chinese gang APT10 - used supply chain attacks to target software used by Taiwanese financial institutions.

The security firm's post states that the application targeted is used by 80 per cent of Taiwan's financial institutions.

The visible effect of the attacks was a number of unusual orders to acquire financial instruments, but CyCraft suggests that attackers were also trying to steal financial information.

Whatever the motive of the attacks, they were sophisticated - attackers breached systems using a web service vulnerability present in security software, then deployed QuasarRAT and used it to download other malware payloads.

The USA has drawn Taiwan closer to ensure access to those technologies, while also making it harder for Chinese firms to get such tech.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/02/23/apt10_operation_cache_panda_taiwan/