Foreign Hacker Organizations Target China with Cyberattacks

According to a statement from China's national cybersecurity and information security information center, several foreign hacker organizations have been exploiting harmful websites and international IP addresses to carry out cyberattacks aimed at China and other countries. The malicious schemes are tied to specific Trojan programs or their command and control endpoints.

The range of cyberattacks includes the establishment of botnets, phishing activities, theft of trade secrets and intellectual property, as well as violations of personal data of citizens, posing a significant threat to domestic networks and internet users in China. Some actions taken by these hacker groups may also be seen as criminal offenses.

The malicious websites and IP addresses linked to these attacks are primarily located in the United States, Netherlands, Singapore, Turkey, Mexico, Vietnam, among other countries. Notably, two of the seven identified websites were traced back to Los Angeles, where they deployed DDoS botnet Trojans that exploit N-Day vulnerabilities and weak Telnet/SSH passwords. These attacks allow cybercriminals to manipulate infected devices to carry out DDoS attacks on other systems, threatening critical infrastructure and public order.

The cybersecurity center has advised users to exercise extreme caution with documents and links received via social media or email, especially if the source appears dubious or unknown. They emphasized the importance of verifying such files before engaging with them.

Furthermore, it is critical to regularly update threat intelligence products and network security devices to prevent access to the identified malicious websites and IP addresses. The center encourages timely reporting to relevant authorities and collaboration in investigating and tracing these cyber threats.