• Chinese hackers hit gover

    From Mike Powell@1:2320/105 to All on Thu Oct 2 09:36:27 2025
    Chinese hackers hit government systems, stealing emails and more - here's what we know

    Date:
    Wed, 01 Oct 2025 12:02:00 +0000

    Description:
    Say hi to Phantom Taurus - a newly discovered Chinese state-sponsored cyberespionage group.

    FULL STORY

    Chinese state-sponsored threat actors named Phantom Taurus have been seen targeting email communications and databases belonging to different countries in the Middle East and South Asia with brand new malware.

    Security researchers from Unit 42 have been tracking the threat actor for years, and have come to the conclusion the attackers were sponsored by China, based on a combination of technical indicators, targeting patterns, and strategic alignment.

    The experts observed the group targeting ministries of foreign affairs, embassies, and government entities, all typical victims of nation-state intelligence operations.

    Sharing infrastructure

    The group also used a custom backdoor malware suite called NET-STAR, which is sophisticated in a way that only a nation-state could develop.

    The NET-STAR malware suite demonstrates Phantom Taurus' advanced evasion techniques and a deep understanding of .NET architecture, representing a significant threat to internet-facing servers, the researchers explained.

    Phantom Taurus also apparently shares infrastructure, malware traits, and tactics with known Chinese APTs, particularly BackdoorDiplomacy. C2 domains, malware loaders, and similar spear-phishing techniques all led Unit 42 to deduce that Phantom Taurus was a Chinese actor.

    They have now placed it next to other tauruses - Iron Taurus, Starchy Taurus, and Stately Taurus. The latter is also known as Mustang Panda and is a widely known threat actor that was seen targeting Microsoft tools, cloud services, and more.

    Unfortunately, we don't know exactly how Phantom Taurus infects its victims with NET-STAR. We can only assume it includes the usual tactics such as spear-phishing or zero-day vulnerability abuse. We do know, however, that its victims are located in Afghanistan and Pakistan.

    China, as usual, denies any wrongdoing or any involvement in cyberattacks or cyber-espionage, and instead accuses the United States of being the world's biggest cyber-bully.

    Via The Register

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/chinese-hackers-hit-government-systems-stealing-emails-and-more-heres-what-we-know

    $$
    --- SBBSecho 3.28-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
