INSUBCONTINENT EXCLUSIVE:
The US cybersecurity firm FireEye has detected a surge in online espionage carried out by the Chinese hacking group APT41.The spike in
activity from APT41 began at the end of January and lasted till mid-March during which time the group targeted 75 organizations from a
number of different industries including telecommunications, healthcare, government, defense, finance, petrochemical, manufacturing and
The group also targeted nonprofit, legal, real estate, travel, education and media organizations.In their report on APT41's recent
activities, FireEye researchers Christopher Glyer, Dan Perez, Sarah Jones and Steve Miller explained that the group is likely responsible
campaigns we have seen from China-nexus espionage actors in recent years
Citrix's Application Delivery Controller (ADC), Cisco's routers and Zoho's ManageEngine Desktop Central to launch their attacks on
targeted organizations.The Citrix vulnerability was made public a month before the group's campaign began while a zero-day remote code
execution vulnerability in Zoho's ManageEngine Desktop Central was discloses just three days before the group leveraged the security flaw
Although FireEye does not have a copy of the malware used against Cisco's routers, the company believes that APT41 designed its own custom
malware to launch attacks against them.FireEye first gave a name to the Chinese hacking group last year but APT41 has been conducting
state-sponsored espionage for some time now.In a statement to CyberScoop, FireEye explained the that motive behind APT41's latest campaign
is unknown but there are multiple explanations as to why it launched cyberattacks on 75 organizations across a variety of industries,
There are multiple possible explanations for the increase in activity including the trade war between the United States and China as well as
the COVID-19 pandemic driving China to want intelligence on a variety of subjects including trade, travel, communications, manufacturing,
