At least six US states have been targeted by hackers linked to China who exploited vulnerabilities in web programs, cybersecurity company Mandiant said on Tuesday.

Notorious Chinese hacking group APT41 has been targeting US states in a tenacious and adaptive campaign, according to a Mandiant report.

From last May to this February, the group compromised at least six state government networks by exploiting vulnerabilities in internet-facing programs including an animal health reporting app, according to Mandiant.

Victims and data targeted by hackers were "consistent with an espionage operation" Mandiant said, but did not rule out that the motive could have been money given the group's "history of moonlighting for personal financial gain."

APT41 quickly adapted attacks to take advantage of new computer vulnerabilities that were made public, according to Mandiant.

For example, within hours of Apache Foundation announcing a critical flaw, the hackers began taking advantage of it and compromised at least two US state governments "as well as their more traditional targets in the insurance and telecommunications industries," the report said.

Mandiant researchers described APT41 as highly resourceful.

"APT41's recent activity against US state governments consists of significant new capabilities," Mandiant researchers said.

The global hacking collective has been accused by US authorities of targeting company servers for ransom, compromising government networks and spying on Hong Kong activists.

Seven members of the group -- including five Chinese nationals -- were charged by the US Department of Justice in late 2020 with being involved in hacking more than 100 companies around the world.

Targets included computer hardware manufacturers, telecommunications providers, social media firms, video game companies, non-profit organizations, universities, think tanks, foreign governments and pro-democracy politicians, according to justice officials.

"We assess that China presents the broadest, most active, and persistent cyber espionage threat to US government and private sector networks," said a threat assessment report released this week by the office of the US director of national intelligence.

Google announced Tuesday a deal to acquire Mandiant for about $5.4 billion, one of the tech giant's biggest purchases ever as it works to bolster its cloud computing offer.

Mandiant, which helps customers prepare for or deal with cyberattacks, is expected to join Google Cloud this year, if the acquisition is approved by regulators.

Related Links
Cyberwar - Internet Security News - Systems and Policy Issues

Tweet

Thanks for being here; We need your help. The SpaceDaily news network continues to grow but revenues have never been harder to maintain. With the rise of Ad Blockers, and Facebook - our traditional revenue sources via quality network advertising continues to decline. And unlike so many other news sites, we don't have a paywall - with those annoying usernames and passwords. Our news coverage takes time and effort to publish 365 days a year. If you find our news sites informative and useful then please consider becoming a regular supporter or for now make a one off contribution.
SpaceDaily Contributor $5 Billed Once credit card or paypal		SpaceDaily Monthly Supporter $5 Billed Monthly paypal only

Google Maps and Tripadvisor nix war news in reviews
San Francisco (AFP) March 4, 2022
Google on Thursday said it has stopped allowing reviews to be added to its online Maps service in Belarus, Russia and Ukraine to prevent them from being used for war news. Travel platform Tripadvisor, meanwhile, was blocking reviews for restaurants, hotels, or other venues if the commentary focuses on Russia's invasion of Ukraine rather than an experience with a business. Both services face a campaign by activists to use online reviews of businesses such as restaurants to get news of the war to ... read more