The U.S. government today publicly exposed malware used in Chinese government hacking efforts for more than a decade. From a report: The Chinese government has been using malware, referred to as Taidoor, to target government agencies, entities in the private sector, and think tanks since 2008, according to a joint announcement from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the Department of Defense, and the FBI. The Chinese Communist Party has been using the malware, in conjunction with proxy servers, “to maintain a presence on victim networks and to further network exploitation,” according to the U.S. government’s malware analysis report (MAR). In particular, Taidoor has been used to target government and private sector organizations that have a focus on Taiwan, according to previous FireEye analysis. It is typically distributed to victims through spearphishing emails that contain malicious attachments.
U.S. Cyber Command, the DOD’s offensive cyber unit, has also shared samples of Taidoor through malware-sharing platform VirusTotal so information security professionals can further examine it. Cyber Command has been uploading malware samples to VirusTotal since 2018 in an effort to help the private sector better protect against foreign adversaries, as well as to deter adversaries from running hacking campaigns. But it appeared to be the first time in the program’s approximately two-year history that the Pentagon has chosen to identify malware that looks to be Chinese in origin. The DOD has frequently exposed North Korean hacking through VirusTotal uploads, as well as campaigns linked with Russian and Iranian hacking.
of this story at Slashdot.
Source:: Slashdot