Currencies38131
Market Cap$ 2.27T-0.29%
24h Spot Volume$ 18.86B-21.8%
DominanceBTC56.44%+0.06%ETH9.57%+0.59%
ETH Gas0.11 Gwei
Cryptorank
/

Suspected Chinese hackers break into foreign ministries' email servers


Suspected Chinese hackers break into foreign ministries' email servers

Share:

Predictions Markets

See what traders are focused on

View analytics →
Prediction Banner

Suspected Chinese hackers have broken into Microsoft Exchange email servers used by foreign ministries, according to new findings from Palo Alto Networks.

The security company’s Unit 42 division has been tracking the group for nearly three years. Researchers said the operation is a long-running effort to read and collect the private communications of diplomats across the world.

Unit 42 confirmed the hackers had full access to search for information inside the email servers of some ministries. They specifically hunted for terms tied to a China-Arab summit held in Riyadh, Saudi Arabia, in 2022, said senior researcher Lior Rochberger.

The team said the hackers also searched for the names of Chinese President Xi Jinping and Peng Liyuan, his wife, in connection to that summit. Researchers declined to identify which countries were hit but said the activity “align consistently with the People’s Republic of China (PRC) economic and geopolitical interests.”

Researchers track hackers to Phantom Taurus campaign

“When I found them searching for specific diplomatic keywords and then exfiltrating emails from embassies and military operations, I realized this was a serious intelligence collection effort,” Rochberger said. Palo Alto Networks calls the hacking group Phantom Taurus.

The company said the breaches went beyond simple spying, showing a focus on strategic events and military movements.

Liu Pengyu, a spokesperson for the Chinese Embassy in Washington, responded that hacking is a problem for all countries, including China, and that the government opposes all forms of cyberattacks.

“Cyberspace is highly virtual, difficult to trace, and involves a diverse range of actors,” he said. “Tracing the source of cyber attacks is a complex technical issue, that requires solid and full evidence.”

The Palo Alto Networks report also highlighted how suspected Chinese hackers are now targeting industries worldwide. On September 24, Alphabet Inc.’s Google stated that a Chinese group had compromised US technology companies.

Earlier in September, suspected attackers impersonated the Republican chair of the House Select Committee on China in attempts to steal sensitive data on trade negotiations, according to the committee.

Assaf Dahan, director of threat intelligence at Palo Alto Networks, said many of Phantom Taurus’ breaches had a “tight correlation to specific geopolitical events or military maneuvers.” The report also said that other espionage activities sought information related to countries, including Afghanistan and Pakistan.

Join a premium crypto trading community free for 30 days - normally $100/mo.

Read the article at CryptoPolitan

In This News

Predictions Markets

See what traders are focused on

View analytics →
Prediction Banner

Share:

In This News

Predictions Markets

See what traders are focused on

View analytics →
Prediction Banner

Share:

Read More

Bitcoin’s BIP 110 fork deadline nears with miner support at zero

Bitcoin’s BIP 110 fork deadline nears with miner support at zero

The BIP 110 proposal would cap arbitrary data on Bitcoin for a year, but Saylor, Adam...
AI found an Ethereum bug that could take validators offline, but humans had to prove it

AI found an Ethereum bug that could take validators offline, but humans had to prove it

The Ethereum Foundation pointed coordinated AI agents at the software its validators ...