BTC $56772.0455
ETH $3229.2692
BNB $393.0365
SOL $106.6536
stETH $3224.6597
XRP $0.5621
ADA $0.6137
AVAX $38.6261
DOGE $0.0960
TRX $0.1415
wstETH $3753.2551
DOT $8.0619
LINK $18.8685
WETH $3222.5827
MATIC $1.0217
UNI $10.5943
WBTC $56672.8182
IMX $3.2827
ICP $12.8638
BCH $296.0952
LTC $73.4211
CAKE $3.1049
LEO $4.3751
ETC $27.6986
FIL $7.7121
KAS $0.1681
RNDR $7.1714
DAI $0.9992
HBAR $0.1085
ATOM $10.9103
INJ $37.3719
VET $0.0480
TON $2.1032
OKB $51.5043
FDUSD $1.0007
LDO $3.4620
STX $3.0518
XMR $133.5710
ARB $1.8885
XLM $0.1189
GRT $0.2844
TIA $16.9400
NEAR $3.9210
ENS $21.6903
MKR $2126.5962
WEMIX $2.0704
APEX $2.3723
BTC $56772.0455
ETH $3229.2692
BNB $393.0365
SOL $106.6536
stETH $3224.6597
XRP $0.5621
ADA $0.6137
AVAX $38.6261
DOGE $0.0960
TRX $0.1415
wstETH $3753.2551
DOT $8.0619
LINK $18.8685
WETH $3222.5827
MATIC $1.0217
UNI $10.5943
WBTC $56672.8182
IMX $3.2827
ICP $12.8638
BCH $296.0952
LTC $73.4211
CAKE $3.1049
LEO $4.3751
ETC $27.6986
FIL $7.7121
KAS $0.1681
RNDR $7.1714
DAI $0.9992
HBAR $0.1085
ATOM $10.9103
INJ $37.3719
VET $0.0480
TON $2.1032
OKB $51.5043
FDUSD $1.0007
LDO $3.4620
STX $3.0518
XMR $133.5710
ARB $1.8885
XLM $0.1189
GRT $0.2844
TIA $16.9400
NEAR $3.9210
ENS $21.6903
MKR $2126.5962
WEMIX $2.0704
APEX $2.3723
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • A new cyber threat poses a data theft risk to Chinese government agencies

    Hackers employ a wide variety of techniques, tailoring each assault to the target.

    Critical infrastructure in China has been the target of an uptick in cyber attacks in recent months. The discovery of a new series of APT attacks by the Shuangyirat group was one of the most alarming phenomena discovered by the Fuying Lab team. Attackers have carried out complex cyberattacks over the past six months, displaying a high level of hacking expertise and the capacity to cause significant damage.

    Fuying Lab found that the cybercriminals had used specialized tools, which led them to the Double XOR Rat campaign. The name comes from the characteristic communication encryption method that uses double XOR encryption in the communication process.

    The main targets of Double XOR Rat were leading state-owned enterprises, research institutes and government agencies. This distinct group exploits security flaws to take command of a wide variety of public network nodes, and then conducts in-depth vulnerability scans of internal networks to assess the worth of each compromised target.

    Fuying Lab claims that the organization's attacks fall into one of three broad categories, each of which is designed to exploit a specific weakness in the targeted systems.

    The initial style of assault

    It relies on gaining initial access to the system by exploiting flaws in security devices that are reachable over the Internet. After gaining access to a system, the hackers can then download even more malicious code by activating a Python HTTP server on the compromised devices.

    The first type of attack is a reconnaissance operation, which is how experts define attacks that use NetBIOS scanning tools to locate Windows hosts on a network. NBTscan or Nextnet scanners are used to evaluate the potential of the target domain depending on the processor architecture of the target devices.

    The Second Form of Assault

    According to the description, the operation uses a Trojan that the group itself developed as a monitoring tool. Hacker-valuable devices are prioritized for activation of the method. Malware allows persistent two-way communication with a compromised system, giving attackers the ability to spy on and control infected devices.

    A third form of assault

    It's the most niche, and it's only deployed when the target domain also houses mail service infrastructure. After hackers gain access to a server, they can use it to send out phishing emails; when sent from a whitelisted server, these attacks are much more successful.

    Researchers say the Double XOR Rat campaign is still active, so businesses should take precautions like keeping up with software updates and training employees to recognize cyber threats.

    Author reign3d
    The hacker group Cyber Av3ngers says they broke into garbage treatment plants in ten cities
    Looney Tunables are being used by Kinsing hackers to steal credentials

    Comments 0

    Add comment