Cybersecurity Firm Warns of New Cyber Espionage Tactic by Chinese Hackers

The Epoch Times Header

Chinese state-backed hackers took advantage of outdated hardware and software to access routers and take over computer networks.

A Chinese hacker group is targeting routers made by a major U.S. manufacturer, taking advantage of outdated software and hardware to hijack routers and access computer networks, a cybersecurity firm warned Wednesday.

It’s a new tactic in an increasingly sophisticated cybercrime landscape, according to the firm.

Mandiant, a Google subsidiary known for outing Chinese hackers, reported in a blog post March 12 that the state-backed hacker group UNC3886 targeted routers made by Juniper Networks.

The Silicon Valley-based tech company is a main competitor to Cisco, the leader in the U.S. router market. While many Juniper products are manufactured in China and other parts of Southeast Asia, most of its higher-end products are assembled in North America.

In mid-2024, Mandiant found that attackers had deployed a program that accessed victims’ computers by disabling login mechanisms.

Once in the system, the program could carry out active backdoor functions, which directly interfered with the system, or passive backdoor functions—“eavesdropping” or gathering information.

Mandiant noted that the back doors were based on an open-source, low-maintenance program named TINYSHELL.

According to Mandiant, the vulnerability that enabled the intrusions was the use of routers running outdated or “end-of-life” hardware and software.

A New Tactic

Mandiant noted that in 2022 and 2023, it reported that hacker group UNC3886 had breached server software such as VMware ESXi, Linux vCenter servers, and Windows virtual machines.

Wednesday’s blog post described “a development in UNC3886’s tactics, techniques and procedures,” and a focus on devices that may lack security monitoring and detection solutions.

Compromising routing devices is a new espionage tactic, the report said, “as it grants the capability for a long-term, high-level access to the crucial routing infrastructure, with a potential for more disruptive actions in the future.”

Mandiant described UNC3886 as “highly adept.” The hacker group’s modus operandi is to acquire “legitimate credentials” and use them to operate undetected.

Historically, the group has targeted network devices and virtualization technologies with “zero-day exploits,” cyber attacks that take advantage of previously unknown vulnerabilities in software, hardware, or firmware before vendors have a chance to patch them.

By Dave Malyon

Read Full Article on TheEpochTimes.com

The Epoch Times
The Epoch Timeshttps://www.theepochtimes.com/
Tired of biased news? The Epoch Times is truthful, factual news that other media outlets don't report. No spin. No agenda. Just honest journalism like it used to be.

Columns

Biden’s Autopen Was A Mighty Big Sword

The autopen was used to sign Biden's name on pardons and EO, even when he was out of the country. Did he know what was signed? Did he authorize the signatures?

I Refuse To Be A Serf

“How are people not furious about property taxes?” President Trump...

Putting it to rest

As the nation hits its taxation stride on its way to April 15th and DOGE continues to reveal waste and fraud, a review of the nation’s finances is overdue.

Lefty Activist Judges are Obstructing Trump’s Presidency

Activist judge’s ruling to block President Donald Trump from being able to execute his Constitutional Article 2 Powers pose a real “Constitutional crisis”.

France’s Next Quarterly Nuclear Drills Might Become Prestige-Building Exercises With Poland

Europe wonders what form Macron’s plans to extend his nuclear umbrella over the continent could take, considering risks entailed after Moscow’s negative reaction.

News

Pentagon Taps 2 Firms That Partner With Ukraine to Make Drone Prototypes

Two Ukrainian companies will help manufacture prototype drones for the Pentagon, as the United States seeks to rapidly scale its unmanned capabilities.

Dismantling of Education Department Is Underway, Drawing Legal Challenges

Trump has yet to issue an EO to eliminate the Dept of Education or work with Congress to do it, but the process of dismantling it is well underway.

NASA’s Starliner Astronauts Welcome New Crew to Space Station

One day after blasting off from the Kennedy Space Center in Florida, the SpaceX Crew-10 capsule arrived at the International Space Station on March 16.

Sen. Lankford Sees New ‘Wild Card’ Role as Chance to Speed Up Senate

Sen. James Lankford is guiding colleagues as vice chair of the Senate Republican Conference informing media and the public about efforts of party’s senators.

Massive Storm Leaves at Least 33 Dead as US Hit by Tornadoes, Wildfires, Blinding Dust

Violent weather broke out across the central and southern US, sending tornadoes and high winds with storm killing at least 33 people as of March 16.

Judge Blocks Trump’s Efforts to Deport Gang Members Under 1798 Alien Enemies Act

Federal judge blocked Trump’s efforts to rapidly deport members of Venezuelan gang Tren de Aragua through use of the Alien Enemies Act of 1798.

US to Pay El Salvador $6 Million to Imprison 300 Illegal Immigrant Gang Members for a Year

Trump admin is set to pay El Salvador $6 million to hold 300 members of Venezuelan Tren de Aragua gang and 2 alleged members of MS-13 in prison for a year.
spot_img

Related Articles

Popular Categories

MAGA Business Central