Chinese hackers use ransomware as decoy for cyber espionage

By Bill Toulas, Bleeping Computer

Two Chinese hacking groups conducting cyber espionage and stealing intellectual property from Japanese and western companies are deploying ransomware as a decoy to cover up their malicious activities.

Threat analysts from Secureworks say that the use of ransomware in espionage operations is done to obscure their tracks, make attribution harder, and create a powerful distraction for defenders.

Finally, the exfiltration of the sensitive information is masked as financially-motivated attacks, which isn't the case with Chinese government-sponsored threat groups.


Comments

Popular posts from this blog

Ukraine targeted by DDoS attacks from compromised WordPress sites

Microsoft fixes new PetitPotam Windows NTLM Relay attack vector

Microsoft Azure outage takes down services across North America