The report of Computer Security Consultancy Mandiant suspects hackers associated with the Chinese government.
IT security consultant Mandiant said on Tuesday that Chinese hackers have hacked the American Bypass Software (VPN) company into the computer networks of US defense companies.
According to the report released by Mandiant, at least two hacker groups, one of which is believed to be close to the Chinese government, are linked to malware exploiting vulnerabilities in VPNs – systems that allow you to establish a secure connection The company is Pulse Secure, an Ivanti group based in Utah, western United States.
Target vpn users
The report said the hackers used malware to steal the identity of VPN users and to break into the computer systems of advocacy groups between October 2020 and March 2021. Governments and financial companies have also been targeted in Europe and the United States, according to the US advisor, which refers to one of the groups as UNC2630.
Potential relationship with Beijing
«We suspect the operation of UNC2630 on behalf of the Chinese government and its connection to APT5A group of handlers who are linked to Beijing authorities said in the Mendent’s report. The advisor specifies that “Trusted third partyHe also linked this new hack to APT5.
«APT5 regularly targets a network of high value added groupshe adds. “His favorite targets are aeronautical and defense companies based in the United States, Europe and Asia.The report did not specify how many companies were affected.
Limited number of affected customers
Pulse Secure mostly confirmed the reports of the mandate, noting that it has already provided solutions to its customers to block the malware. The VPN creator assured that the hack was affected “A limited number of customers»
Freelance twitter maven. Infuriatingly humble coffee aficionado. Amateur gamer. Typical beer fan. Avid music scholar. Alcohol nerd.