Recent cyber attack spree in Australia traced back to Chinese hacking groups

A report by the Australian Cyber Security Centre (ACSC) has released details on a crypto-jacking spree by gangs purportedly from China exploiting vulnerabilities in multiple Australian networks.

The report was released last week with the title “Copy-Paste Compromises – tactics, techniques and procedures used to target multiple Australian networks” stated that threat actors exploited four critical vulnerabilities in public-facing infrastructure, in a form of a cyber attack.

The primary exploits were through the use of remote code execution vulnerability in unpatched versions of Telerik UI, which is a web, mobile, and desktop software.

Vulnerabilities in Microsoft Internet Information Services (IIS), a 2019 SharePoint vulnerability, and the 2019 Citrix vulnerability, were also exploited.

Cointelegraph made the link with the Blue Mockingbird malware gang which has carried out similar attacks to infect thousands of systems with XMRRig, Monero (XMR) mining software.

The ACSC report elaborated on specific vulnerabilities such as CVE-2019-18935 used in Telerik UI for ASP.NET, and spearphishing attempts. Several Microsoft files and systems were also exploited.

Some Australian officials have hinted at Chinese involvement in the ongoing series of cyber attack as tensions between the two nations escalate.

Prime Minister Scott Morrison said Australian organizations, including governments and businesses, were currently being targeted by a sophisticated foreign “state-based” hacker,  according to ABC News.

The premier did not name China specifically but senior sources confirmed China is believed to be behind the cyber-attacks.

Featured image courtesy of Catarina Sousa/Pexels

Micky is a news site and does not provide trading, investing, or other financial advice. By using this website, you affirm that you have read and agree to abide by our Terms and Conditions.
Micky readers – you can get a 10% discount on trading fees on FTX and Binance when you sign up using the links above.

Be the first to comment

Any tought ?