Chinese Hackers Exploit Cisco, Citrix Flaws in Massive Espionage Campaign
APT41, a Chinese threat group responsible for dozens of destructive cyberattacks, has been exploiting vulnerabilities in Citrix NetScaler/ADC, Cisco routers and Zoho ManageEngine Desktop Central as part of a new espionage campaign. However, researchers have not yet determined whether the campaign is targeting specific organizations or what those organizations might be; for now, it appears to be an attempt at mass exploitation.
APT41 has previously targeted industries such as banking and finance, defense, government, legal, healthcare, media, oil and gas, non-profit, and manufacturing. The group has targeted a dozen countries, including Australia, Canada, Denmark, France, Japan, Saudi Arabia, the UK, and the US. On January 20, researchers first observed the threat group attempting to exploit a Citrix zero-day flaw known as CVE-2019-19781.