Security News

China-based scammers are using a combination of fake loan apps and India's real-time mobile payment system, Unified Payments Interface, to separate victims from their cash, according to a report by threat intel firm CloudSEK. "UPI service providers currently operate without coverage under the Prevention of Money Laundering Act," explained [PDF] CloudSEK researchers, letting the scammers' exploit the platforms with relative ease. Chinese payment gateways ensure the authorities cannot pursue the scammers.

A US Navy service member pleaded guilty yesterday to receiving thousands of dollars in bribes from a Chinese spymaster in exchange for passing on American military secrets. Petty Officer Wenheng Zhao, 26, aka Thomas Zhao, of Monterey Park, California, now faces up to 20 years in prison for two federal felony offenses: conspiring with a People's Republic of China intelligence officer, and receiving a bribe.

A former US Army Sergeant with Top Secret US military clearance created a Word document entitled "Important Information to Share with Chinese Government," according to an FBI agent's sworn declaration. The DoJ said Schmidt retired from active duty in January 2020, traveling to China, then back to the US, then to Istanbul in February 2020, before returning to the US again, and then going back to China in March 2020.

Hackers engaging in cyber espionage have targeted Chinese-speaking semiconductor companies with TSMC-themed lures that infect them with Cobalt Strike beacons. The campaign spotted by EclecticIQ focuses on firms based in Taiwan, Hong Kong, and Singapore, with the observed TTPs bearing similarities to previous activities linked to Chinese state-backed threat groups.

Cybersecurity agencies from Japan and the U.S. have warned of attacks mounted by a state-backed hacking group from China to stealthily tamper with branch routers and use them as jumping-off points...

Government and telecom entities have been subjected to a new wave of attacks by a China-linked threat actor tracked as Budworm using an updated malware toolset. The intrusions, targeting a Middle...

Chinese minister for national security Chen Yixin has penned an article rating the digital risks his country faces and rated network security incidents as the most realistic source of harm to the Chinternet - both in terms of attacks and the dissemination of fake news. The article appeared in China Cyberspace, the official organ of regulator the Cyberspace Administration of China.

An unnamed Southeast Asian government has been targeted by multiple China-nexus threat actors as part of espionage campaigns targeting the region over extended periods of time. "While this...

China's Ministry of State Security (MSS) has accused the U.S. of breaking into Huawei's servers, stealing critical data, and implanting backdoors since 2009, amid mounting geopolitical tensions...

The ongoing face-off between Washington and Beijing over technology and security issues has taken a new twist, with China accusing the US of hacking into the servers of Huawei in 2009 and conducting other cyber-attacks to steal critical data. China's Ministry of State Security made the allegations in a posting on WeChat, claiming that in 2009 US intelligence services "Began to invade servers at Huawei headquarters and continued to monitor them."