Security News > 2022 > August > Chinese Hackers Targeted Dozens of Industrial Enterprises and Public Institutions

Over a dozen military-industrial complex enterprises and public institutions in Afghanistan and Europe have come under a wave of targeted attacks since January 2022 to steal confidential data by simultaneously making use of six different backdoors.

Attack chains entail penetrating the enterprise IT networks using carefully crafted phishing emails, including some that referenced non-public information pertaining to the organizations, to trick recipients into opening rogue Microsoft Word documents.

PortDoor was notably employed in spear-phishing attacks mounted by Chinese state-sponsored hackers in April 2021 to hack into the systems of a defense contractor that designs submarines for the Russian Navy.

"Spear phishing remains one of the most relevant threats to industrial enterprises and public institutions," Kaspersky said.

"The attackers used primarily known backdoor malware, as well as standard techniques for lateral movement and antivirus solution evasion."

"At the same time, they were able to penetrate dozens of enterprises and even take control of the entire IT infrastructure, and IT security solutions of some of the organizations attacked."

News URL

https://thehackernews.com/2022/08/chinese-hackers-targeted-dozens-of.html