Chinese Hacking Group Used Log4j Vulnerability to Target Large Academic Institution
T-Mobile confirms latest breach includes a "very small number" of customers who fell victim to SIM swap scams, AvosLocker gang gave free decryptor to government agency, CISA warns manufacturers, more
Researchers at CrowdStrike OverWatch say that a Chinese hacking group they call Aquatic Panda, known for industrial espionage and intelligence collection, used a vulnerability in Log4j to go after a large academic institution.
They observed the group attempting to install malware after gaining access using a modified version of a Log4j exploit for VMware Horizon, a virtual workspace technology. They also observed the Chinese hackers trying to harvest credentials for further exploitation. OverWatch disrupted the attack before Aquatic Panda could take action on their objectives, leaving the group’s intentions unknown. (Tonya Jo Riley / CyberScoop)
Related: VentureBeat, ZDNet, Security Week, CrowdStrike