Cyber rats attack: China's state institutions are in great danger
<blockquote data-quote="Plotu" data-source="post: 433" data-attributes="member: 5"><p>The "Double Alien Rat" group masterfully imitates the activity of other hackers, making it difficult to investigate.</p><p></p><p>Recently, experts from NSFOCUS's Fuying Lab discovered a large-scale cyberattack against Chinese government institutions that lasted more than 6 months. The attack was organized by a previously unknown hacker group, dubbed "Double Alien Rat" or "Double Alien Rat" by researchers.</p><p></p><p>The group used zero-day vulnerabilities in network devices to gain access to the internal networks of government organizations and enterprises. After that, the attackers scanned the network for valuable data and carried out targeted attacks.</p><p></p><p>According to the researchers, the "Double Rat" demonstrates a high level of skill and awareness of the peculiarities of networks and the language environment in China. The group also actively uses disinformation methods to hide traces of its activities and simulate attacks by well-known APT groups.</p><p></p><p>The Double Rat reportedly uses three main stages of attack. At the first stage, devices accessible from the Internet are compromised through the use of zero-day vulnerabilities. Once they gain access, the attackers upload malware to the compromised devices.</p><p></p><p>At the second stage, network scanning identifies vulnerable devices already in the victim's internal network. This stage allows you to evaluate the value of available targets and choose further attack tactics.</p><p></p><p>At the third stage, hacked devices are used to send targeted phishing emails to employees of the organization, which further increases the effectiveness of the attack.</p><p></p><p>The Double Rat tactic is particularly sophisticated. Hackers try to hide traces of their activities and mislead the investigation. 
In particular, they use tools and techniques typical of such well-known APT groups as APT29 and APT32, which makes it possible to simulate attacks by these groups and significantly complicate the attribution of incidents.</p><p></p><p>In addition, the "Double Rat" group carefully masks its malware and gets rid of any data that may lead to the disclosure of the hackers' identity.</p><p></p><p>Despite the advanced tactics of the group, experts still managed to create an approximate profile of these intruders. Based on the tools and methods used, language features, and understanding of the specifics of China's networks, we can assume that this is an experienced external hacker group based in one of the Asian countries and specializing specifically in cyber attacks against China. Experts believe that the activities of the "Double Rat" pose a serious threat to the country's cybersecurity.</p><p></p><p>Experts urge local organizations to strengthen their protection against the use of 0-day vulnerabilities and targeted attacks, as well as develop cyber incident analysis capabilities. In the future, this will prevent large-scale APT attacks, such as the "Double Rat" activity.</p></blockquote><p></p>