INSUBCONTINENT EXCLUSIVE:
As governments around the world continue to deal with the coronavirus pandemic, a hacking group with potential ties to South Korea has
launched an espionage campaign against the Chinese government.The DarkHotel advanced persistent threat group has compromised over 200 VPN
servers in order to infiltrate a number of Chinese institutions and government agencies, according to a new report from Qihoo 360.In one
case, the hacking group exploited a previously unknown vulnerability in the enterprise VPN software Sangfor SSL and then installed malicious
software onto victim's machines in order to collect user data.The timing of the attack also coincided with new instructions from the Chinese
government which urged citizens to work from home in order to help stop the coronavirus' spread.While Qihoo 360 believes that the DarkHotel
hacking group was behind this latest series of attacks, other security researchers aren't so sure
In a post on Twitter, principal security researcher at Kaspersky, Brian Bartholomew argued that the Beijing-based security firm did not
This write up is full of speculation, no evidence this was actually DatkHotel, and a ton of confirmation bias about targeting because of
remote workers all over the world secure as they work from home during the coronavirus pandemic which is why we've seen an increased number
of attacks targeting them
of the coronavirus pandemic, Chinese enterprises and institutions abroad have all adopted the remote working mode and employees in each unit
will establish contact with the headquarters and transfer all sensitive data through the VPN
series of attacks still remains to be proven but hopefully other security researchers will now begin to look into the matter to see if Qihoo
360's claims are true.Also check out our complete list of the best VPN servicesVia CyberScoop
