Home Security China-Backed Hackers Exploit Fortinet Flaw, Infecting 20,000 Systems Globally

China-Backed Hackers Exploit Fortinet Flaw, Infecting 20,000 Systems Globally

by


Jun 12, 2024Newsroom

China-Backed Hackers

State-sponsored threat actors backed by China gained access to 20,000 Fortinet FortiGate systems worldwide by exploiting a known critical security flaw between 2022 and 2023, indicating that the operation had a broader impact than previously known.

“The state actor behind this campaign was already aware of this vulnerability in FortiGate systems at least two months before Fortinet disclosed the vulnerability,” the Dutch National Cyber Security Centre (NCSC) said in a new bulletin. “During this so-called zero-day period, the actor alone infected 14,000 devices.”

The campaign targeted dozens of Western governments, international organizations, and a large number of companies within the defense industry. The names of the entities were not disclosed.

The findings build on an earlier advisory from February 2024, which found that the attackers had breached a computer network used by the Dutch armed forces by exploiting CVE-2022-42475 (CVSS score: 9.8), which allows for remote code execution.

Cybersecurity

The intrusion paved the way for the deployment of a backdoor codenamed COATHANGER from an actor-controlled server that’s designed to grant persistent remote access to the compromised appliances, and act as a launching point for more malware.

The NCSC said the adversary opted to install the malware long after obtaining initial access in an effort to retain their control over the devices, although it’s not clear how many victims had their devices infected with the implant.

The latest development once again underscores the ongoing trend of cyber attacks targeting edge appliances to breach networks of interest.

“Due to the security challenges of edge devices, these devices are a popular target for malicious actors,” the NCSC said. “Edge devices are located at the edge of the IT network and regularly have a direct connection to the internet. In addition, these devices are often not supported by Endpoint Detection and Response (EDR) solutions.”

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.





Source link

Related Articles

xxxanti beeztube.mobi hot sexy mp4 menyoujan hentaitgp.net jason voorhees hentai indian soft core chupatube.net youjzz ez2 may 8 2023 pinoycinema.org ahensya ng pamahalaan pakistani chut ki chudai pimpmovs.com www xvedio dost ke papa zztube.mobi 300mbfilms.in صور مص الزب arabporna.net نهر العطش لمن تشعر بالحرمان movierulz plz.in bustyporntube.info how to make rangoli video 穂高ゆうき simozo.net 四十路五十路 ロシアav javvideos.net 君島みお 無修正 افلام سكس في المطبخ annarivas.net فيلم سكس قديم rashmi hot videos porncorn.info audiosexstories b grade latest nesaporn.pro high school girls sex videos real life cam eroebony.info painfull porn exbii adult pics teacherporntrends.com nepali school sex