BTC $68279.0927
ETH $3629.5433
BNB $418.8260
SOL $133.0943
XRP $0.6497
stETH $3620.7348
ADA $0.7707
DOGE $0.1827
AVAX $43.0376
DOT $9.8988
wstETH $4204.4051
TRX $0.1402
LINK $20.4333
WETH $3627.8562
MATIC $1.1461
WBTC $68015.7231
UNI $12.3628
BCH $469.5171
LTC $88.8112
IMX $3.1360
ICP $13.3800
CAKE $3.3523
ETC $35.9657
FIL $10.0244
LEO $4.8744
ATOM $12.4782
TON $2.7811
HBAR $0.1174
RNDR $7.3750
KAS $0.1614
INJ $40.6866
DAI $0.9990
OKB $56.8390
VET $0.0495
PEPE $0.0000
XLM $0.1458
FDUSD $0.9965
STX $3.0333
XMR $148.4317
WEMIX $2.7041
LDO $3.2821
NEAR $4.3354
GRT $0.3080
ARB $1.9787
THETA $2.3471
APEX $2.6824
BSV $115.5449
BTC $68279.0927
ETH $3629.5433
BNB $418.8260
SOL $133.0943
XRP $0.6497
stETH $3620.7348
ADA $0.7707
DOGE $0.1827
AVAX $43.0376
DOT $9.8988
wstETH $4204.4051
TRX $0.1402
LINK $20.4333
WETH $3627.8562
MATIC $1.1461
WBTC $68015.7231
UNI $12.3628
BCH $469.5171
LTC $88.8112
IMX $3.1360
ICP $13.3800
CAKE $3.3523
ETC $35.9657
FIL $10.0244
LEO $4.8744
ATOM $12.4782
TON $2.7811
HBAR $0.1174
RNDR $7.3750
KAS $0.1614
INJ $40.6866
DAI $0.9990
OKB $56.8390
VET $0.0495
PEPE $0.0000
XLM $0.1458
FDUSD $0.9965
STX $3.0333
XMR $148.4317
WEMIX $2.7041
LDO $3.2821
NEAR $4.3354
GRT $0.3080
ARB $1.9787
THETA $2.3471
APEX $2.6824
BSV $115.5449
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • The Xiaoqiying group attacked South Korea, and now they are targeting the West

    In late January, the Chinese-speaking group Xiaoqiying (Genesis Day, Teng Snake) attacked 12 research and academic institutions in South Korea to steal data, according to a new report from security researchers Insikt Group at Recorded Future.

    Attacks on South Korean institutions began on January 25. In particular, scientific research institutes, medical academies and research institutes suffered. Based on an analysis of the group's Telegram channels, forum posts, and the group's online presence, the experts concluded that Xiaoqiying is a hacktivist group that is not primarily interested in financial gain. Cybercriminals are motivated by patriotism towards China.

    According to experts, since the discovery of the campaign, hackers have already carried out a series of new cyber attacks against organizations in Japan and Taiwan. Experts believe that the group will carry out similar cyber attacks against the West and NATO countries, as well as any country hostile to China.

    The researchers found 2 Telegram channels of the group: one for posting messages and the other for several other hackers, but both channels were closed in February when the media began covering cyberattacks in South Korea. Before closing the channels, the group recruited new members through Telegram.

    On one of the Telegram channels (with 700 subscribers at the time of shutdown), the Xiaoqiying hackers claimed to have stolen a total of 54 GB of data from various organizations.

    Insikt researchers said the channel contained dozens of unverified allegations of cyberattacks in 2022 that affected the US FBI, Ukraine, the South Korean Ministry of Health and Defense, Taiwan and Japan. The hackers also claimed to have gained access to Samsung's internal network.

    The partnerships advertised on the channel included collaborations allegedly with Lapsus$, Hive, Pakistani and Russian hacker groups. Chat logs reviewed by the researchers showed that the group routinely hacked IoT devices using popular penetration testing tools and PoC exploits.

    The group's connection to the Chinese government has not been established, but the fact that the group never sought to "make money" from the access or stolen data suggests that the hackers are ideologically motivated.

    From the Telegram channel, Insikt Group researchers managed to obtain, among other things:

    • data stolen from various companies;
    • tools;
    • source codes and malware samples;
    • files associated with US government agencies;
    • stolen credit card information.

    It is noteworthy that after the closure of Telegram channels, Xiaoqiying members continued to advertise their activities on their website on the public Internet.

    Chinese hackers are not the only ones carrying out attacks on South Korea. Thus, North Korean cybercriminals are very strong opponents of South Korea in cyberspace. For example, the Google TAG team recently stated that ARCHIPELAGO North Korean government hackers are carrying out attacks on government and military personnel, think tanks, politicians, scientists and researchers in South Korea and the United States.

    Author DeepWeb
    Infoblox experts have discovered a new set of Decoy Dog malware
    Dragon's Breath APT Raises Cyber Attacks Against Chinese-Speaking Windows Users

    Comments 0

    Add comment