hacklink hack forum hacklink film izle hacklink marsbahisizmir escortsahabetpornJojobetcasibompadişahbetGorabetcasibom9018betgit casinojojobetmarsbahismatbetmatbet

News

Tag: hackers

  • Chinese hackers target Tibetan websites in malware attack, cybersecurity group says

    Chinese hackers target Tibetan websites in malware attack, cybersecurity group says

    BANGKOK — A hacking group that is believed to be Chinese state-sponsored has compromised two websites with ties to the Tibetan community in an attack meant to install malware on users’ computers, according to findings released Wednesday by a private cybersecurity firm.

    The hack of the Tibet Post and Gyudmed Tantric University websites appears geared toward obtaining access to the computers of people visiting to obtain information on them and their activities, according to the analysis by the Insikt Group, the threat research division of the Massachusetts-based cybersecurity consultancy Recorded Future.

    The hackers, known in the report as TAG-112, compromised the websites so that visitors are prompted to download a malicious executable file disguised as a security certificate, Insikt Group said. Once opened, the file loads Cobalt Strike Beacon malware on the user’s computer that can be used for key logging, file transferring and other purposes, including deploying additional malware.

    “While we do not have visibility into the activity that TAG-112 conducted on compromised devices in this campaign, given their likely cyber espionage remit and the targeting of the Tibetan community, it is almost certain that they were engaged in information collection and/or surveillance rather than destructive attacks,” Insikt Group senior director Jon Condra told The Associated Press.

    “This behavior aligns with historical targeting of the Tibetan community,” he said.

    Chinese authorities have consistently denied any form of state-sponsored hacking, saying China itself is a major target of cyberattacks.

    The Chinese Foreign Ministry said it was not aware of the hacking of the two websites reported by the Insikt Group.

    “China’s stance on the issue of cybersecurity is consistent and clear,” the ministry said in a faxed reply to a request for comment without elaborating.

    According to the Insikt group research, the sites were first compromised in late May and the attacks bear many overlaps with a previously tracked hacker group known as TAG-102, leading analysts to conclude it is a subgroup of the already known group “working toward the same or similar intelligence requirements,” Insikt Group said.

    Overlaps include reuse of specific tactics, techniques and procedures and going after identical targets, Condra said.

    “These two threat clusters are almost certainly interrelated,” he said.

    TAG-102, known by multiple names such as Evasive Panda and StormBamboo, has been in operation since as early as 2012, and is widely thought to be a Chinese-sponsored advanced persistent threat, or APT, group, Insikt Group said.

    Among other things, it uses custom malware frameworks used by other Chinese APT groups and its targeting “aligns with likely Chinese intelligence requirements,” Condra said.

    “The group has engaged in a wide variety of campaigns over the years, with an emphasis on targeting individuals and organizations in opposition to the Chinese government, such as human rights organizations, religious organizations, ethnic minority groups, academic institutions, and supporters of democracy or independence movements in Taiwan, Hong Kong, and even in mainland China,” Insikt Group said.

    The university and the news website, which are both located in India, have been informed by Insikt Group of the hack. As of this week, it appears the Gyudmed Tantric University, which is a place of learning about Tibetan Buddhism, language, history and culture, has remediated the problem while the news website remained compromised, Condra said.

    The Tibet Post is known for promoting democracy, freedom of speech and for advocating Tibetan independence from China, he said.

    China claims Tibet has been part of its territory for centuries, although it only established firm control over the Himalayan region after the Communist Party swept to power during a civil war in 1949.

    Many Tibetans’ loyalties still lie with the Dalai Lama, the spiritual leader who has lived in exile in India since a failed anti-Chinese uprising in 1959.

    China has been regularly accused of human rights abuses in Tibet, including earlier this year over its efforts to forcibly urbanize villagers and herders as part of a drive to assimilate rural Tibetans through control over their language and traditional Buddhist culture.

    Source link

  • AP sources: Chinese hackers targeted phones of Trump, Vance, people associated with Harris campaign

    AP sources: Chinese hackers targeted phones of Trump, Vance, people associated with Harris campaign

    WASHINGTON — Chinese hackers targeted cellphones used by Republican presidential nominee Donald Trump, his running mate, JD Vance, and people associated with the Democratic campaign of Kamala Harris, people familiar with the matter said Friday.

    It was not immediately clear what data, if any, may have been accessed. U.S. officials are continuing to investigate, according to the people, who were not authorized to publicly discuss the ongoing inquiry and spoke on the condition of anonymity to The Associated Press.

    An FBI statement did not confirm that Trump and Vance were among the potential targets but said it was investigating “unauthorized access to commercial telecommunications infrastructure by actors affiliated with the People’s Republic of China.”

    “Agencies across the U.S. Government are collaborating to aggressively mitigate this threat and are coordinating with our industry partners to strengthen cyber defenses across the commercial communications sector,” the FBI said.

    U.S. officials believe the campaigns were among numerous targets of a larger cyberespionage operation launched by China, the people said. It was not immediately clear what information China may have hoped to glean, though Beijing has for years engaged in vast hacking campaigns aimed at collecting the private data of Americans and government workers, spying on technology and corporate secrets from major American companies and targeting U.S. infrastructure.

    News that high-profile political candidates were targeted comes as U.S. officials remain on high alert for foreign interference in the final stretch of the presidential campaign. Iranian hackers have been blamed for targeting Trump campaign officials and the Justice Department has exposed vast disinformation campaigns orchestrated by Russia, which is said to favor Trump over Democrat Kamala Harris.

    China, by contrast, is believed by U.S. intelligence officials to be taking a neutral stance in the race and is instead focused on down-ballot races, targeted candidates from both parties based on their stance on issues of key importance to Beijing, including support for Taiwan.

    The New York Times first reported that Trump and Vance had been targeted and said the campaign was alerted by U.S. officials this week. Three people confirmed the news to the AP, including one who said that people associated with the Harris campaign were also targeted.

    A spokesperson for the Chinese embassy in Washington said they were not familiar with the specifics and could not comment, but contended that China is routinely victimized by cyberattacks and opposes the activity.

    “The presidential elections are the United States’ domestic affairs. China has no intention and will not interfere in the U.S. election. We hope that the U.S. side will not make accusations against China in the election,” the statement said.

    Trump campaign spokesman Steven Cheung did not offer any details about the Chinese operation but issued a statement accusing the Harris campaign of having emboldened foreign adversaries, including China and Iran.

    The FBI has repeatedly warned over the last year about Chinese hacking operations, with Director Chris Wray telling Congress in January that investigators had disrupted a state-sponsored group known as Volt Typhoon. That operation targeted U.S.-based small office and home routers owned by private citizens and companies. Their ultimate targets included water treatment plants, the electrical grid and transportation systems across the U.S.

    Last month, Wray said that the FBI had interrupted a separate Chinese government campaign, called Typhoon Flax, that targeted universities, government agencies and other organizations and that installed malicious software on more than 200,000 consumer devices, including cameras, video recorders and home and office routers.

    The Wall Street Journal reported this month that Chinese hackers had burrowed inside the networks of U.S. broadband providers and had potentially accessed systems that law enforcement officials use for wiretapping requests.

    ____

    Michelle L. Price in New York and Jill Colvin in Austin, Texas contributed to this report.

    Source link