Given that a large portion of the targets were government entities, the researchers said this supports their assessment that the threat group has an intelligence-gathering motivation, rather than conducting destructive data attacks. Mandiant’s researchers say the threat group exploited the Barracuda ESG flaws to deploy custom malware, which maintains the hackers’ access to the devices while it exfiltrates data.

According to its report, Mandiant said it found evidence that UNC4841 “searched for email accounts belonging to individuals working for a government with political or strategic interest to at the same time that this victim government was participating in high-level, diplomatic meetings with other countries.” Mandiant is attributing the hacks to an as-yet-uncategorized threat group it calls UNC4841, which shares infrastructure and malware code overlaps with other China-backed hacking groups. Barracuda said in a statement, provided by Emma Goulding, a spokesperson for Barracuda via public relations firm Highwire, that about 5% of active ESG devices worldwide showed evidence of compromise as of June 10. In its latest guidance, Mandiant also warned customers to replace affected gear after finding evidence that the China-backed hackers gained deeper access to networks of affected organizations.

Barracuda has about 200,000 corporate customers around the world. But the company later recommended customers remove and replace affected ESG appliances, regardless of patch level, suggesting the patches failed or were unable to block the hacker’s access. Barracuda issued patches and warned that hackers had been exploiting the flaw since October 2022. Last month, Barracuda discovered the security flaw affecting its Email Security Gateway (ESG) appliances, which sit on a company’s network and filter email traffic for malicious content.
Mandiant, which was called in to run Barracuda’s incident response, said the hackers exploited the flaw to compromise hundreds of organizations likely as part of an espionage campaign in support of the Chinese government.

Almost a third of the targeted organizations are government agencies, Mandiant said in a report published Thursday. "Relying on espionage organizations and their agents" as well as the unauthorized obtaining of "documents, data, materials, and items related to national security and interests" can constitute a spying offense, according to the amendments.

Security researchers at Mandiant say China-backed hackers are likely behind the mass-exploitation of a recently discovered security flaw in Barracuda Networks’ email security gear, which prompted a warning to customers to remove and replace affected devices. The US has accused China of espionage and China has also maintained that it is under threat from spies.

Earlier this month, China, citing national security, had called on its citizens to get involved in counter-espionage activities.

Beijing has also been trying to amp up its effort to tackle spying activities and last month revised its anti-espionage law, which gives authorities wide-ranging power to punish anyone deemed threatening its national security.

China's fixation on national security

China's increasing focus on national security has been one of the reasons for its increasingly thorny relations with the United States.

Chinese officials alleged that Zeng signed a contract with the United States and was trained to spy on China.

According to the TV report, stringent action, including detention, was taken against Zeng.