Chinese hackers used a flaw in a popular email security device to break into the networks of hundreds of public and private sector organizations around the world, Mandiant, a specialized cybersecurity company, revealed Thursday.
“This is the largest known cyber espionage campaign with links to China since the massive exploitation of Microsoft Exchange in early 2021,” Mandiant technology manager Charles Carmakal said in a statement.
Google-owned Technological Mandiant has admitted with “high certainty” that the group that exploited the software vulnerability in Barracuda Networks’ Security Gateway email was involved in “espionage activities on behalf of the People’s Republic of China.” . .
In the released statement, Mandiant also revealed that the espionage activity began in October last year.
The hackers sent emails containing malicious attachments to gain access to the devices and data of the targeted organizations, he said.
Among the organizations targeted, 55% were from North, Central and South America, 22% from Asia Pacific and 24% from Europe, Middle East and Africa and included Foreign Ministries in Southeast Asia, Departments of Commerce external and universities and academic institutions. in Taiwan and Hong Kong.
On June 6 of this year, North American Barracuda said that some of its email security devices had been hacked in October of last year, giving intruders access to compromised networks.
The action was so serious that this North American company, located in the State of California, recommended the total replacement of the devices.
Source: TSF
