Cybersecurity Firm Warns of New Cyber Espionage Tactic by Chinese Hackers

The Epoch Times Header

Chinese state-backed hackers took advantage of outdated hardware and software to access routers and take over computer networks.

A Chinese hacker group is targeting routers made by a major U.S. manufacturer, taking advantage of outdated software and hardware to hijack routers and access computer networks, a cybersecurity firm warned Wednesday.

It’s a new tactic in an increasingly sophisticated cybercrime landscape, according to the firm.

Mandiant, a Google subsidiary known for outing Chinese hackers, reported in a blog post March 12 that the state-backed hacker group UNC3886 targeted routers made by Juniper Networks.

The Silicon Valley-based tech company is a main competitor to Cisco, the leader in the U.S. router market. While many Juniper products are manufactured in China and other parts of Southeast Asia, most of its higher-end products are assembled in North America.

In mid-2024, Mandiant found that attackers had deployed a program that accessed victims’ computers by disabling login mechanisms.

Once in the system, the program could carry out active backdoor functions, which directly interfered with the system, or passive backdoor functions—“eavesdropping” or gathering information.

Mandiant noted that the back doors were based on an open-source, low-maintenance program named TINYSHELL.

According to Mandiant, the vulnerability that enabled the intrusions was the use of routers running outdated or “end-of-life” hardware and software.

A New Tactic

Mandiant noted that in 2022 and 2023, it reported that hacker group UNC3886 had breached server software such as VMware ESXi, Linux vCenter servers, and Windows virtual machines.

Wednesday’s blog post described “a development in UNC3886’s tactics, techniques and procedures,” and a focus on devices that may lack security monitoring and detection solutions.

Compromising routing devices is a new espionage tactic, the report said, “as it grants the capability for a long-term, high-level access to the crucial routing infrastructure, with a potential for more disruptive actions in the future.”

Mandiant described UNC3886 as “highly adept.” The hacker group’s modus operandi is to acquire “legitimate credentials” and use them to operate undetected.

Historically, the group has targeted network devices and virtualization technologies with “zero-day exploits,” cyber attacks that take advantage of previously unknown vulnerabilities in software, hardware, or firmware before vendors have a chance to patch them.

By Dave Malyon

Read Full Article on TheEpochTimes.com

The Epoch Times
The Epoch Timeshttps://www.theepochtimes.com/
Tired of biased news? The Epoch Times is truthful, factual news that other media outlets don't report. No spin. No agenda. Just honest journalism like it used to be.

Columns

Lefty Activist Judges are Obstructing Trump’s Presidency

Activist judge’s ruling to block President Donald Trump from being able to execute his Constitutional Article 2 Powers pose a real “Constitutional crisis”.

France’s Next Quarterly Nuclear Drills Might Become Prestige-Building Exercises With Poland

Europe wonders what form Macron’s plans to extend his nuclear umbrella over the continent could take, considering risks entailed after Moscow’s negative reaction.

RFK Jr. Nukes HHS ‘Research’ Grants Designed to Stamp Out ‘Vaccine Hesitancy’

RFK Jr. must be waiting to get data firmly on his side before yanking COVID shots off the market and delivering pharmaceutical criminals to the DOJ.

An Actual Deep State Coup is Exposed in a CIA Email

Journalist John Solomon of “Just the News” on Real America’s Voice dropped a BOMBSHELL news report that appears to be old news revisited.

The new economics of compassionatlism

The aftermath of the Covid 19 pandemic has seen a global turn to stagflation, in which the cost of good and services increases regardless of economic growth.

News

Johns Hopkins University Laying Off Over 2,000 Workers After Federal Funding Cut

Johns Hopkins University will lay off over 2,000 workers worldwide following Trump admin’s termination of $800 million in federal funding for institution.

American Airlines Plane Catches Fire at Denver Airport, Forces Evacuation

Passengers were forced to evacuate from an American Airlines plane that caught fire on March 13 at Denver International Airport.

FBI Director Responds to ‘Alarming Rise’ in Recent Swatting Incidents

FBI Dir. Kash Patel said federal law enforcement bureau is investigating “swatting” incidents that have targeted certain media figures in recent days.

Trump Admin Asks Supreme Court to Unblock Birthright Citizenship Order

Trump admin asked Supreme Court to roll back multiple preliminary injunctions courts have issued against his EO to restrict birthright citizenship.

NIH Wants to Cap Funding for Indirect Research Costs—What Are They?

NIH is the world’s largest funder of medical research, granting billions to colleges and universities yearly. Trump admin seeks to cap paid overhead costs.

Border Apprehensions of Illegal Immigrants Hit Lowest in History, CBP Says

Number of illegal immigrants apprehended by authorities declined 94% year-over-year under Trump, according to latest figures released by CBP.

98 Protesters Arrested After Occupying Trump Tower to Demand Release of Pro-Palestinian Activist

Police arrested protesters occupying lobby of Trump Tower in NYC, staging demonstration supporting Palestine and against arrest of Mahmoud Khalil.

Judge Rules Against Trump in Labor Case With Implications for DOGE

U.S. District Judge Sparkle Sooknanan ordered President Donald Trump...
spot_img

Related Articles

Popular Categories

MAGA Business Central