China-Linked APT Expands Proxy Network With New Malware
Cisco Talos said China-linked APT UAT-7810 is growing its proxy relay network with new malware
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Cisco Talos said China-linked APT UAT-7810 is growing its proxy relay network with new malware
All the Typhoons, everywhere, all at once A majority of China-linked threat actors are using compromised routers and IoT devices worldwide, turning this gear into proxy networks to carry out further intrusions, steal sensitive data, and disrupt victim organizations’ operations, according to a joint 10-country advisory.…
The United Kingdom's National Cyber Security Centre (NCSC-UK) and international partners warned that China-nexus hackers are increasingly using large-scale proxy networks of hijacked consumer devices to evade detection and disguise their malicious activity. [...]
Hacktivists use proxy services from Russia, China for 'billions of designed-for-abuse connection attempts' Cybercrime has skyrocketed since the start of the Iran war, according to Akamai, which reports a 245 percent increase in everything from credential harvesting attempts to automated reconnaissance traffic aimed at banks and other critical businesses.…
The China-linked cyber espionage group tracked as APT41 has been attributed to a new campaign targeting government IT services in the African region
Google on Thursday revealed it's pursuing legal action in New York federal court against 25 unnamed individuals or entities in China for allegedly operating BADBOX 2.0 botnet and residential proxy infrastructure
CISA Publishes Anatomy of Advanced Ivanti VPN MalwareHackers using Trojans connected to a malware family deployed by Chinese nation-state hackers are actively exploiting a now-patched vulnerability in Ivanti Connect Secure appliances. The malware "contains capabilities of a rootkit, dropper, backdoor, bootkit, proxy and tunneler."
Off-Brand Android Devices Come Infrected With A TrojanA botnet infected more than 1 million off-brand Android devices manufactured in China, reached consumers with a backdoor already installed. Scammers used the devices for programmatic ad fraud, click fraud and converting the devices into a residential proxy.
The U.S. Justice Department and international partners dismantled the 911 S5 proxy botnet and arrested 35-year-old Chinese national YunHe Wang, its administrator. [...]
The U.S. Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5, an online anonymity service that for many years was the easiest and cheapest way to route one's Web traffic through malware-infected computers around the globe. KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later.
The U.S. Treasury Department has sanctioned a cybercrime network comprising three Chinese nationals and three Thailand-based companies linked to a massive botnet controlling a residential proxy service known as "911 S5." [...]
The U.S. Treasury Department has sanctioned a cybercrime network comprising three Chinese nationals and three Thailand-based companies linked to a massive botnet controlling a residential proxy service known as "911 S5." [...]
Security researchers are warning that China-linked state-backed hackers are increasingly relying on vast proxy networks of virtual private servers and compromised connected devices for cyberespionage operations. [...]
Volt Typhoon and other Chinese cyber espionage actors are relying on operational relay box (ORB) networks, Mandiant has observed
Beijing's Tough-to-Track Mesh Networks Built Using Hacked Devices, Mandiant WarnsMultiple Chinese cyber espionage groups, including Volt Typhoon, are using operational relay box networks, aka ORBs, built using leased proxy servers and compromised or end-of-life routers, to avoid detection and complicate efforts to track their activities, warns Google Cloud's Mandiant.