Government VPN Servers Targeted in Zero-Day Attack
Security analysts at the Chinese firm Qihoo 360 claim that the Chinese government is being targeted by the threat actor group DarkHotel amid efforts to provide access to official resources for those working remotely. The Chinese government has been using virtual private networks (VPNs) to achieve this goal, and DarkHotel has capitalized on this opportunity to target the government’s VPNs in a zero-day attack, according to Qihoo.
Qihoo stated that the attacks began in March against Chinese VPN provider SangFor, which is used by numerous government agencies. Qihoo also stated that as of last week, at least 200 VPN servers connecting to multiple endpoints had been compromised and the victims include Chinese agencies across the world. On Monday, Qihoo published a report stressing the importance of ensuring that internal assets are not exposed to the public network. The group also added that the campaign is complex and requires sophisticated hacking techniques.