Hacking Group Linked to Chinese Government Caught Modifying Router Software
Chinese hackers stole 60k State Department emails, Johnson Controls hit with massive ransomware attack, Russian exploit firm offers $20m for mobile hacks, Snatch group leaks own data, much more
CISA, NSA, FBI, and Japan are warning that a state-sponsored hacking group known as BlackTech, aka Palmerworm, Circuit Panda, and Radio Panda, which is linked to the Chinese government, has been discovered modifying software inside Cisco and other brands’ routers to target companies based in their countries.
According to a joint advisory, BlackTech has targeted government, industrial, technology, telecommunications, and defense sectors,
Once inside the internal networks of international subsidiaries, the group has turned off logging to pivot undetected to target the companies’ headquarters in the US and Japan. The advisory said that targeting Windows, Linux, and FreeBSD operating systems, the group has been using various remote access tools, malware, and “living off the land” techniques to remain undetected.
A Cisco spok…
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.