Author: Ms Khyati Singh, Research Associate, Centre for Air Power Studies

Keywords: Cyber Security, Chinese Hackers, APT 41, Cyber Attack, Double Dragon, Wicked Panda.

It has become nearly impossible to talk about any international venture without the mention of China. One such domain has been cyber-security and cyber-attacks. The cyber-attacks perpetrated by China have become the new normal and have been a cause of concern for several institutions in the United States. Furthermore, these attacks are not only being conducted by the Chinese state; the People's Liberation Army (PLA) and the Ministry of State Security are backing various hacker groups to follow a similar trail.

Recently, nearly six states have come under cyber-attack, and most of these attacks were conducted through USAHERDS, an application used to track disease in livestock. This attack is suspected to have been carried out by the infamous APT 41 criminal hacking group located in Chengdu. APT stands for Advanced Persistent Threat, and the group has many names, such as Wicked Panda, Winnti, Double Dragon, Barium, and Wicked Spider. APT 41, the official name that the US security agencies have given it, also targets organizations to collect ransoms.

It has been active in the public domain since 2012 and has been targeting all possible spheres of public conduct, from health care and telecom to video games and other everyday-use applications. These targets are aligned with China's economic plans, and the group tries to gain strategic access to various organizations. Earlier it was involved in exploiting vulnerabilities and in mass scanning, but it is expanding its target audience and range. The US government has uncovered that it is actively involved in activities that directly affect and harm state governments.

APT 41 tried to exploit a vulnerability through a SQL (Structured Query Language) injection and was countered by Mandiant Managed Defense. In a series of attacks that followed between the two, it was identified that the group had been exploiting various kinds of vulnerabilities, especially in commercial applications. Furthermore, it has been quick in its operations, as it picks up publicly available vulnerabilities and adapts them to its needs in no time. The group has been increasingly trying to penetrate the state government structure. Mandiant released the following chart to map out the series of attacks.

APT 41 has been able to perform instant reconnaissance after penetrating an internet server. In addition, it continues to deploy advanced malware in its operations; the DEADEYE launcher and Lowkey are among them. These anti-analysis technologies allow the group to keep away from any investigation and operate undetected. APT 41 has been working to advance its capabilities and has successfully upgraded the guardrail capabilities of DEADEYE. 'Guardrailing' is a tactic deployed by malware to ensure that the binary runs only on the system chosen by the threat actor, hence narrowing down the margin of error. To remain undetected, APT 41 keeps leveraging advanced tradecraft; it kept blocking identification servers to persist.