Six US states hit by China-based cyberattack
Cybersecurity firm Mandiant uncovered evidence of data exfiltration by the Chinese hacking group known as 'APT41', which targeted US state governments between May 2021 and February 2022.
The state governments' networks were exploited while they were vulnerable to Log4Shell in Apache Log4j. While the motives of the cyberattackers could not be ascertained, the intrusions were consistent with an espionage operation.
References:
- 08/03/2022 mandiant.com Does This Look Infected? A Summary of APT41 Targeting U.S. State Governments
- 08/03/2022 wired.com Chinese Spies Hacked a Livestock App to Breach US State Networks
- 08/03/2022 theverge.com China-backed hackers breached government networks in at least six US states, per new report
- 08/03/2022 techcrunch.com China-backed APT41 compromised ‘at least’ six US state governments
- 09/03/2022 threatpost.com APT41 Spies Broke Into 6 US State Networks via a Livestock App
- 14/03/2022 computing.co.uk US-based IP addresses seized control of Chinese systems to target Russia, Belarus and Ukraine, China says