HomeSecurity OperationsThe FBI seeks public assistance in locating Chinese hackers

The FBI seeks public assistance in locating Chinese hackers

Published on

spot_img

The US Federal Bureau of Investigation (FBI) has reached out to the public for assistance in the investigation and identification of a threat actor targeting edge devices and computer networks within government agencies and other organizations. This comes as cybersecurity researchers from Sophos have uncovered an Advanced Persistent Threat (APT) group that has been involved in creating and deploying malware to conduct indiscriminate computer intrusions aimed at stealing sensitive information from firewalls globally.

The FBI highlighted a specific vulnerability, CVE-2020-12271, an SQL injection issue discovered in SFOS 17.0, 17.1, 17.5, and 18.0 prior to late April 2020, affecting Sophos XG Firewall devices. This vulnerability allowed the threat actors to exploit remote code execution (RCE), leading to the extraction of usernames and hashed passwords from local device admins, portal admins, and user accounts.

The campaign associated with this threat actor spans several years, with multiple hacking incidents reported between 2018 and 2023. Sophos has identified these attacks as part of a larger initiative known as Pacific Rim, which has been attributed to various Chinese state-sponsored threat groups, including Volt Typhoon. In addition to CVE-2020-12271, other vulnerabilities exploited in this campaign include CVE-2020-15069, CVE-2020-29574, CVE-2022-1040, and CVE-2022-3236.

Sophos noted a shift in the threat actor’s tactics in 2021 towards more targeted attacks on specific entities such as government agencies, critical infrastructure, research organizations, healthcare providers, retail, finance, military, and public-sector organizations primarily in the Asia-Pacific region. The FBI is urging individuals with relevant information to contact them through platforms like WhatsApp, Signal, or Telegram to aid in the investigation.

This call to arms by the FBI underscores the growing cybersecurity challenges faced by government and private sector organizations, as threat actors become increasingly sophisticated in their tactics. The collaboration between law enforcement agencies and cybersecurity researchers is crucial in combating these threats and protecting sensitive data from malicious actors.

As the investigation into the APT group targeting edge devices and computer networks continues, the FBI is counting on the support and cooperation of the public to help identify and apprehend those responsible for these cyber intrusions. By working together, law enforcement and individuals can strengthen cybersecurity measures and prevent future attacks on critical infrastructure and government agencies.

Source link

Latest articles

When AI Agents Transform into Your Next Supply Chain Threat

When AI Agents Become Your Next Supply Chain Attack In an era where technology continues...

AWS GovCloud Credential Leak Prompts CISA to Share Important Cyber Incident Lessons

The Cybersecurity and Infrastructure Security Agency (CISA) has recently made public the details surrounding...

Webinar: The Infrastructure Decisions Shaping the Next Five Years

Webinar Explores Infrastructure Decisions Shaping the Next Five Years In a recent webinar titled "The...

Blip – Free Cross-Platform File Sharing App

New File-Sharing Application 'Blip' Revolutionizes Device-to-Device Transfers A groundbreaking file-sharing application named Blip has emerged,...

More like this

When AI Agents Transform into Your Next Supply Chain Threat

When AI Agents Become Your Next Supply Chain Attack In an era where technology continues...

AWS GovCloud Credential Leak Prompts CISA to Share Important Cyber Incident Lessons

The Cybersecurity and Infrastructure Security Agency (CISA) has recently made public the details surrounding...

Webinar: The Infrastructure Decisions Shaping the Next Five Years

Webinar Explores Infrastructure Decisions Shaping the Next Five Years In a recent webinar titled "The...