Chinese spies linked to decade-long hacking campaign

There are common methods and goals to the attacks. They usually start with phishing to trick someone into compromising the company network (often using political bait), and then use a mix of custom and off-the-shelf malware to collect info. They’ll often stay undetected by “living off the land” with the victim’s own software, such as system admin tools. The intruders are primarily looking for code signing certificates and “software manipulation,” according to the report.

The perpetrators also make occasional mistakes, and it’s those slip-ups that helped identify the Chinese origins. They normally use command-and-control servers to hide, but they inadvertently accessed some machines using IP addresses from China Unicom’s network in a Beijing district.

Even with these mistakes, the Winnti umbrella is an “advanced and potent threat,” 401TRG said. It’s also a not-so-subtle reminder that China’s state-backed hacking efforts are deeper than they seem at first glance — hacks that appear to be one-off incidents may be linked if you look for subtler similarities.
