Chinese Espionage Group Deploys New Rootkit Compatible With Windows 10 Systems (therecord.media)
At the SAS 2021 security conference today, analysts from security firm Kaspersky Lab published details about a new Chinese cyber-espionage group that has been targeting high-profile entities across South East Asia since at least July 2020. From a report: Named GhostEmperor, Kaspersky said the group uses highly sophisticated tools and is often focused on gaining and keeping long-term access to its victims through the use of a powerful rootkit that can even work on the latest versions of Windows 10 operating systems. "We observed that the underlying actor managed to remain under the radar for months," Kaspersky researchers explained today. The entry points for GhostEmperor's hacks were public-facing servers. Kaspersky believes the group used exploits for Apache, Oracle, and Microsoft Exchange servers to breach a target's perimeter network and then pivoted to more sensitive systems inside the victim's network.
Good Timing (Score:5, Funny)
The only thing keeping me on Windows (Score:2)
is Excel. Like a single-issue voter, I'm a single-application buyer. Win 10 tripled my desire to escape, I think Win 11 is going to triple it again.
Re: (Score:1)
To me they're all morons if they continue to use Windows and I hope their data gets stolen someday or encrypted with ransomware.
So run a VM for Excel (Score:2)
VMs are effortless these days and a convenient way to keep a variety of OS to run niche apps.
You can back up the complete VM instead of saving files and with storage space trivially cheap you can have an immediately usable backup anywhere you like.
Innocent victim. (Score:2)
Oh no! Not our beloved Apache. Whatever did you do to be lumped with those two?
Why mention nations? Windows is just weak. (Score:2)
The most hacking for money has happened on Windows stuff.
Now I am sure this will irritate some, 'cause they will point out all the other OS's that get breached too. That's a lame excuse. One is *always* broken all the
Re: (Score:1)
Windows ain't the real problem. If deep pocket hackers want to get into an OS, they will find a way. It's a labor race and despots have armies of de-facto slaves and don't care about profits. Linux ain't hole-free either.
Fake security (Score:1)
Linux compatibility? (Score:2)
Sure, Windows 10 compatibility is great, but what about Linux? Linux users once again get the shaft—if we're lucky, we might get support in 6-12 months, but most likely it probably will never come.
Kidnapping (Score:1)
Perhaps it's time the CIA kidnap these jerks from their homes or coffee shops, ship them to a US prison, and parade them in front of the world. Send a real message with real teeth, or else this will continue and get worse.
Cheat Engine is WHQL Signed (Score:2)
https://www.virustotal.com/gui/file/626fae47811450d080d08c3d9fd890aa64bfecdc45eacd42a40850c1833c8763/details [virustotal.com]