    Hackers with covert intentions: Why does China's Flax Typhoon only infiltrate the systems of its victims?

    There are signs of penetration, but no subsequent actions. What is the reasoning behind such an unusual strategy?

    Microsoft has announced a new spy operation carried out by Chinese government-linked hackers. The group, dubbed Flax Typhoon by Microsoft, targets dozens of Taiwanese organizations, and the hackers have been active since mid-2021.

    The attackers' goal, according to Microsoft, is not only to spy on targeted Taiwanese organizations, but also "to maintain access to organizations across a wide range of industries for as long as possible."

    Government agencies, as well as organizations in the fields of education, manufacturing, and information technology, are the hackers' primary targets. Victims have also been reported in Southeast Asia, North America, and Africa.

    According to Microsoft, hackers use built-in operating system tools and some legitimate software to remain undetected on targeted organizations' networks. At the same time, the company has not yet observed the hackers' subsequent actions after gaining access.

    Flax Typhoon hackers could be acting as Initial Access Brokers (IABs), whose sole purpose is to obtain persistent covert access to the target system, which is then sold to other cybercriminal organizations.

    According to reports, the malicious operation in question is just one of several that have come to light since Beijing increased rhetoric about Taiwan's "reunification" with mainland China.

    Some evidence suggests that this group's activities overlap with those of another cybercriminal organization known as Ethereal Panda, as identified by Crowdstrike experts.

    Microsoft stated that it decided to release this latest report due to "serious concerns" about the subsequent impact such attacks could have on the company's customers, even though no further attacker activity has been observed in the operation in question.

    This tactic of infiltrating without any follow-up attack makes detection and mitigation extremely difficult, and it requires compromised accounts to be closed or their credentials changed.

    Microsoft advised affected organizations to assess the scope of Flax Typhoon activity on their network, remove malicious tools, and examine logs for compromised accounts.

    The Redmond company also asked other security researchers to read its findings in order to collaborate on finding the best security solution for hundreds of potential victims.

    Author DeepWeb