  • Hackers with covert intentions: Why does China's Flax Typhoon only infiltrate the systems of its victims?

    There are signs of penetration, but no subsequent actions. What is the reasoning behind such an unusual strategy?

    Microsoft has announced a new spy operation carried out by Chinese government-linked hackers. The group, dubbed Flax Typhoon by Microsoft, targets dozens of Taiwanese organizations, and the hackers have been active since mid-2021.

    The attackers' goal, according to Microsoft, is not only to spy on targeted Taiwanese organizations, but also "to maintain access to organizations across a wide range of industries for as long as possible."

    Government agencies, as well as organizations in the fields of education, manufacturing, and information technology, are the hackers' primary targets. Victims have also been reported in Southeast Asia, North America, and Africa.

    According to Microsoft, hackers use built-in operating system tools and some legitimate software to remain undetected on targeted organizations' networks. At the same time, the company has not yet observed the hackers' subsequent actions after gaining access.

    Flax Typhoon hackers could be acting as Initial Access Brokers (IABs), whose sole purpose is to obtain persistent covert access to the target system, which is then sold to other cybercriminal organizations.

    According to reports, the malicious operation in question is just one of several that have come to light since Beijing increased rhetoric about Taiwan's "reunification" with mainland China.

    Some evidence suggests that this group's activities overlap with those of another cybercriminal organization known as Ethereal Panda, as identified by CrowdStrike experts.

    Microsoft stated that it decided to release this latest report due to "serious concerns" about the subsequent impact such attacks could have on the company's customers, even though no further attacker activity has been observed in the operation in question.

    This tactic of infiltrating without follow-up action makes detection and mitigation extremely difficult, and it requires compromised accounts to be closed or their credentials changed.

    Microsoft advised affected organizations to assess the scope of Flax Typhoon activity on their network, remove malicious tools, and examine logs for compromised accounts.

    The Redmond company also asked other security researchers to review its findings in order to collaborate on finding the best security solution for hundreds of potential victims.

    Author DeepWeb