HomesecurityChinese hacking group APT31 targets French agencies

Chinese hacking group APT31 targets French agencies

Today, the French national cyber-security service warned of an ongoing series of attacks against a large number of French organizations coordinated by the Chinese hacking group APT31.


See also: China: Denies US allegations of hacking and accuses them of cyber espionage

"Our research shows that the threatening agent uses a network of compromised home routers as functional relay boxes to carry out covert reconnaissance as well as attacks," the ANSSI (Agence Nationale de la Sécurité des Systèmes d'Information) said in a statement. today.

"Therefore, the compromise ratios (IOCsare notified to assist in the assessment of possible infringements (searches should begin in early 2021) and to be used in detection services. "

Organizations that detect any of the shared IOCs in their logs indicate an attack that may be related to this current APT31 campaign are invited to report the incident to ANSSI via email.

See also: LinkedIn data belonging to 88.000 US business owners were exposed to hacking forums

APT31 (also known as Zirconium and Judgment Panda) is a hacking group commissioned by the Chinese government known for its numerous espionage and intelligence theft operations.

This threat has been linked in the past to the theft and repositioning of the EpMe NSA exploit years before the Shadow Brokers team leaked it publicly in April 2017.

Last year, Microsoft observed APT31 attacks targeting the international affairs community and high-profile individuals associated with Joe Biden's presidential campaign.

See also: LinkedIn: Data of 700 million users for sale in hacking forums

APT31 was also spotted by Google targeting "staff personal emails with credential phishing emails and emails containing tracking links".

Source of information:

Teo Ehc
Be the limited edition.