Security Windows

Chinese Espionage Group Deploys New Rootkit Compatible With Windows 10 Systems (therecord.media) 18

At the SAS 2021 security conference today, analysts from security firm Kaspersky Lab published details about a new Chinese cyber-espionage group that has been targeting high-profile entities across South East Asia since at least July 2020. From a report: Named GhostEmperor, Kaspersky said the group uses highly sophisticated tools and is often focused on gaining and keeping long-term access to its victims through the use of a powerful rootkit that can even work on the latest versions of Windows 10 operating systems. "We observed that the underlying actor managed to remain under the radar for months," Kaspersky researchers explained today. The entry point for GhostEmperor's hacks was public-facing servers. Kaspersky believes the group used exploits for Apache, Oracle, and Microsoft Exchange servers to breach a target's perimeter network and then pivoted to more sensitive systems inside the victim's network.
  • Good Timing (Score:5, Funny)

    by Thelasko ( 1196535 ) on Thursday September 30, 2021 @01:59PM (#61848685) Journal
    Good thing we'll all be moved over to Windows 11 next week. [windows.com]
    • No one is being forced to move to Windows 11, supposedly. I presume it is just as insecure as Windows 10 is where this particular vulnerability is concerned. No one should believe that Windows 11 is really and truly more secure. The holes in its new layers just haven't all been discovered yet. This game has been played since Windows 98 was the "fastest and most secure Windows ever". Neither statement was entirely correct, unless you ran it on a new faster computer than an older Windows 95 one, which when com
  • is Excel. Like a single-issue voter, I'm a single-application buyer. Win 10 tripled my desire to escape, I think Win 11 is going to triple it again.

    • If I were you, I would use Crossover on Linux or a Mac to run Excel: https://www.codeweavers.com/cr... [codeweavers.com]
    • The only thing keeping me is my stupid clients who all still use this Toy Operating System and pay me handsomely for helping them write software for it.

      To me they're all morons if they continue to use Windows and I hope their data gets stolen someday or encrypted with ransomware.
    • VMs are effortless these days and a convenient way to keep a variety of OS to run niche apps.

      You can backup the complete VM instead of saving files and with storage space trivially cheap you can have an immediately usable backup anywhere you like.

  • Oh no! Not our beloved Apache. Whatever did you do to be lumped with those two?

  • Russian, Chinese, (or even the USA, as in CIA, etc), is distracting from the initial issue. Windows is a single user app. As soon as you allow the think, windows is a real OS for security and hosting/serving important business, you have been sold a huge exaggeration on what windows is.

    The most hacking for money has happened on windows stuff.
    Now I am sure this will irritate some, cause they will point out all the other OS's that get breached too. That's a lame excuse. One is *always* broken all the
    • lol, "356" , I did mean 365.
    • by Tablizer ( 95088 )

      Windows ain't the real problem. If deep pocket hackers want to get into an OS, they will find a way. It's a labor race and despots have armies of de-facto slaves and don't care about profits. Linux ain't hole-free either.

  • This clearly illustrates that Microsoft's USP of Windows 10's "enhanced security" is completely FAKE and that in fact it's no more secure than Windows XP and vastly less secure than Linux.
  • Sure, Windows 10 compatibility is great, but what about Linux? Linux users once again get the shaft—if we're lucky, we might get support in 6-12 months, but most likely it probably will never come.

  • Perhaps it's time the CIA kidnap these jerks from their homes or coffee shops, ship them to a US prison, and parade them in front of the world. Send a real message with real teeth, or else this will continue and get worse.

  • Who says Microsoft doesn't care about the users? This rootkit is vetted for quality.

    https://www.virustotal.com/gui/file/626fae47811450d080d08c3d9fd890aa64bfecdc45eacd42a40850c1833c8763/details [virustotal.com]
