  • Chinese Hackers Target Taiwan's Financial Trading Sector with Supply Chain Attack

    aum


    An advanced persistent threat (APT) group operating with objectives aligned with the Chinese government has been linked to an organized supply chain attack on Taiwan's financial sector.

     

    The attacks are said to have begun at the end of November 2021, with the intrusions attributed to a threat actor tracked as APT10, also known as Stone Panda, the MenuPass group, and Bronze Riverside, and known to be active since at least 2009.

     

    The second wave of attacks hit a peak between February 10 and 13, 2022, according to a new report published by Taiwanese cybersecurity firm CyCraft, which said the wide-ranging supply chain compromise specifically targeted the software systems of financial institutions, resulting in "abnormal cases of placing orders."

     

    The infiltration activity, codenamed "Operation Cache Panda," exploited a vulnerability in the web management interface of the unnamed securities software that has a market share of over 80% in Taiwan, using it to deploy a web shell that acts as a conduit for implanting the Quasar RAT on the compromised system with the goal of stealing sensitive information.

     


     

    Quasar RAT is a publicly available open-source remote access trojan (RAT) written in .NET. Its features include capturing screenshots, recording from the webcam, editing the registry, keylogging, and stealing passwords. In addition, the attacks leveraged a Chinese cloud file sharing service called wenshushu.cn to download auxiliary tools.
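
As an added example (not taken from the CyCraft report or the original article), one way a defender could hunt for the tool-download step described above is to scan web proxy logs for trading-software servers reaching wenshushu.cn. The log format, the server inventory and every sample line are constructed assumptions.

```python
from urllib.parse import urlsplit

WATCHED_DOMAIN = "wenshushu.cn"  # file sharing service named in the article
# Constructed inventory: hosts assumed to run the securities software's web interface.
TRADING_SERVERS = {"10.20.0.11", "10.20.0.12"}

# Constructed proxy log, one request per line: timestamp client method target status bytes
SAMPLE_LOG = """\
2022-02-11T02:14:07Z 10.20.0.11 GET https://www.wenshushu.cn/f/example 200 48213
2022-02-11T02:14:09Z 10.20.0.11 GET https://WENSHUSHU.CN./download 200 1048576
2022-02-11T03:01:55Z 10.30.5.40 GET https://wenshushu.cn/ 200 5120
2022-02-11T03:20:10Z 10.20.0.12 GET https://notwenshushu.cn/x 200 900
2022-02-11T03:21:42Z 10.20.0.12 GET https://wenshushu.cn.example.net/x 200 900
2022-02-11T03:25:00Z 10.20.0.12 CONNECT cdn.wenshushu.cn:443 200 0
malformed line
"""

def host_of(target):
    """Return the lower-cased hostname of a URL or a CONNECT host:port target."""
    if "://" not in target:
        target = "//" + target  # lets urlsplit parse a bare host:port
    try:
        host = urlsplit(target).hostname or ""
    except ValueError:
        return ""
    return host.rstrip(".")  # drop the trailing dot of a fully qualified name

def is_watched(host, domain=WATCHED_DOMAIN):
    """Match the domain itself or any subdomain, never a mere substring."""
    return host == domain or host.endswith("." + domain)

def find_hits(log_text, servers=TRADING_SERVERS):
    """Return (timestamp, client, host, bytes) for server requests to the watched domain."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 6 or not fields[5].isdigit():
            continue  # skip malformed records instead of failing the whole hunt
        ts, client, _method, target, _status, size = fields
        host = host_of(target)
        if client in servers and is_watched(host):
            hits.append((ts, client, host, int(size)))
    return hits

if __name__ == "__main__":
    for hit in find_hits(SAMPLE_LOG):
        print(hit)
```

Scoping the match to the server inventory keeps ordinary workstation use of the file sharing service out of the results, and the suffix match avoids false hits on look-alike names such as notwenshushu.cn.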

     

    The disclosure comes as Taiwan's Parliament, the Executive Yuan, unveiled draft amendments to national security laws aimed at combating Chinese economic and industrial espionage efforts. To that end, unapproved use of critical national technologies and trade secrets outside of the country could carry up to a 12-year prison sentence.

     

    Furthermore, individuals and organizations that have been entrusted or subsidized by the Taiwanese government to conduct operations involving critical national technologies are expected to secure prior government approval for any trips to China; failure to do so could incur monetary fines of up to NT$10 million (~US$359,000).

     
