• About us
  • Contact Us
  • Home
  • Privacy Policy and Disclaimer
TeqGo.com - Tech news
  • News

    How can I save money on Starbucks?

    Do Starbucks workers get stock?

    Can Starbucks hire you at 15?

    Does Starbucks give coffee to employees?

    Why don t Starbucks employees get tips?

    How many stocks do Starbucks partners get?

  • Computer
    How to Realistically Change Hair Color in Photoshop

    How to Realistically Change Hair Color in Photoshop

    How to Blend Images in Photoshop

    How to Outline an Image in Photoshop

    How to Add Texture to an Image in Photoshop

    How to Add Texture to an Image in Photoshop

    How to Export a GIF in Photoshop

    How to Export a GIF in Photoshop

    How to Merge Layers in Photoshop

    How to Undo and Redo in Photoshop

    How to Create a Collage in Photoshop

    How to Create a Collage in Photoshop

  • Gear
    Apple Watch –  Beginners Guide

    Apple Watch – Beginners Guide

    Personal WiFi Routers Help Bring Secure Data Wherever You Are

    Personal WiFi Routers Help Bring Secure Data Wherever You Are

    Trending Tags

    • Best iPhone 7 deals
    • Apple Watch 2
    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • iOS 10
    • iPhone 7
    • Sillicon Valley
  • Mobile
  • Review
    How To Force Reboot Your Apple Watch (And Why You Might Need To)

    Ccleaner for Mac Review

    Adobe Audition Review

    Adobe Audition Review

    Audacity Review

    Audacity Review

    Tenorshare 4MeKey Review

    Tenorshare 4MeKey Review

    Tenorshare ReiBoot Review

    Tenorshare ReiBoot Review

    DxO PureRaw Review

    DxO PureRaw Review

No Result
View All Result
  • News

    How can I save money on Starbucks?

    Do Starbucks workers get stock?

    Can Starbucks hire you at 15?

    Does Starbucks give coffee to employees?

    Why don t Starbucks employees get tips?

    How many stocks do Starbucks partners get?

  • Computer
    How to Realistically Change Hair Color in Photoshop

    How to Realistically Change Hair Color in Photoshop

    How to Blend Images in Photoshop

    How to Outline an Image in Photoshop

    How to Add Texture to an Image in Photoshop

    How to Add Texture to an Image in Photoshop

    How to Export a GIF in Photoshop

    How to Export a GIF in Photoshop

    How to Merge Layers in Photoshop

    How to Undo and Redo in Photoshop

    How to Create a Collage in Photoshop

    How to Create a Collage in Photoshop

  • Gear
    Apple Watch –  Beginners Guide

    Apple Watch – Beginners Guide

    Personal WiFi Routers Help Bring Secure Data Wherever You Are

    Personal WiFi Routers Help Bring Secure Data Wherever You Are

    Trending Tags

    • Best iPhone 7 deals
    • Apple Watch 2
    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • iOS 10
    • iPhone 7
    • Sillicon Valley
  • Mobile
  • Review
    How To Force Reboot Your Apple Watch (And Why You Might Need To)

    Ccleaner for Mac Review

    Adobe Audition Review

    Adobe Audition Review

    Audacity Review

    Audacity Review

    Tenorshare 4MeKey Review

    Tenorshare 4MeKey Review

    Tenorshare ReiBoot Review

    Tenorshare ReiBoot Review

    DxO PureRaw Review

    DxO PureRaw Review

No Result
View All Result
TeqGo.com
No Result
View All Result
Home Computer

State-sponsored hackers in China compromise certificate authority

Staff by Staff
November 16, 2022
State-sponsored hackers in China compromise certificate authority
Share on FacebookShare on Twitter


Getty Images

Nation-state hackers based in China recently infected a certificate authority and several government and defense agencies with a potent malware cocktail for burrowing inside a network and stealing sensitive information, researchers said on Tuesday.

The successful compromise of the unnamed certificate authority is potentially serious, because these entities are trusted by browsers and operating systems to certify the identities responsible for a particular server or app. In the event the hackers obtained control of the organization’s infrastructure, they could use it to digitally sign their malware to make it more easily slip past endpoint protections. They might also be able to cryptographically impersonate trusted websites or intercept encrypted data.

While the researchers who discovered the breach found no evidence the certificate infrastructure had been compromised, they said that this campaign was only the latest by a group they call Billbug, which has a documented history of noteworthy hacks dating back to at least 2009.

“The ability of this actor to compromise multiple victims at once indicates that this threat group remains a skilled and well-resourced operator that is capable of carrying out sustained and wide-ranging campaigns,” Symantec researchers wrote. “Billbug also appears to be undeterred by the possibility of having this activity attributed to it, with it reusing tools that have been linked to the group in the past.”

Advertisement

Symantec first documented Billbug in 2018, when company researchers tracked the group under the name Thrip. The group hacked multiple targets, including a satellite communications operator, a geospatial imaging and mapping company, three different telecom operators, and a defense contractor. Of particular concern was the hack on the satellite operator because the attackers “seemed to be particularly interested in the operational side of the company, looking for and infecting computers running software that monitors and controls satellites.” The researchers speculated that the hackers’ motivation may have gone beyond spying to also include disruption.

The researchers eventually traced the hacking activity to computers physically located in China. Besides Southeast Asia, targets were also located in the US.

A little more than a year later, Symantec gathered new information that allowed researchers to determine that Thrip was effectively the same as a longer-existing group known as Billbug or Lotus Blossom. In the 15 months since the first write-up, Billbug had successfully hacked 12 organizations in Hong Kong, Macau, Indonesia, Malaysia, the Philippines, and Vietnam. The victims included military targets, maritime communications, and media and education sectors.

Billbug used a combination of legitimate software and custom malware to burrow into its victims’ networks. Using legitimate software such as PsExec, PowerShell, Mimikatz, WinSCP, and LogMeIn allowed the hacking activities to blend in with normal operations in the compromised environments. The hackers also used the custom-built Catchamas info stealer and backdoors dubbed Hannotog and Sagerunex.

In the more recent campaign targeting the certificate authority and the other organizations, Billbug was back with Hannotog and Sagerunex, but it also used a host of new, legitimate software, including AdFind, Winmail, WinRAR, Ping, Tracert, Route, NBTscan, Certutil, and Port Scanner.

Tuesday’s post includes a host of technical details people can use to determine if they’ve been targeted by Billbug. Symantec is the security arm of Broadcom Software.



Source link

Staff

Staff

Next Post
Mushroom Skin Could Hold the Key to Biodegradable Printed Circuit Boards

Mushroom Skin Could Hold the Key to Biodegradable Printed Circuit Boards

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Ryobi Just Introduced 17 New Products To Its Lineup – Here Are Our Favorites
  • Clever Ryobi Products Everybody At The Tailgate Will Be Jealous Of You For Having
  • How to Realistically Change Hair Color in Photoshop
  • How to Outline an Image in Photoshop
  • How to Add Texture to an Image in Photoshop
  • How to Export a GIF in Photoshop
  • How To Spot Fake Customer Reviews When Buying Tech Gadgets Online
  • 5 Of The Best Apple Watch Apps For Hikers
  • How To Make Your iPhone’s Screen Black And White (And Why You Should)
  • About us
  • Privacy Policy and Disclaimer
  • Software Reporter Tool
  • Numizmatika
  • Pro Tools Guide
  • Contact Us

© 2019-2023 TEQGo.com

No Result
View All Result
  • Review
  • Computer
  • News
  • Gear

© 2019-2023 TEQGo.com