(Washington) Chinese hackers have hacked US bypass software (VPN) into U.S. security companies’ computer networks, IT security consultant Mandiand said Tuesday.
According to Mandiant, at least two hacker groups, one of which is believed to be close to the Chinese government, have been linked to vulnerable malware in VPNs – organizations that allow you to establish a secure connection – with Pulse Secure, a company based in the western U.S. state of Utah.
The report states that from October 2020 to March 2021, hackers used malware to steal the identities of VPN users and hack into the computer systems of prosecuting groups.
Governments and financial institutions in Europe and the United States are being targeted, according to an American adviser who refers to one of the groups as UNC2630.
“We suspect that UNC 2630 is operating on behalf of the Chinese government and has links to the ABD5,” a Hacker group known to be linked to Beijing officials said in a statement.
The consultant notes that “trusted third parties” have also linked this new theft to APT5.
“APT5 continues to target networks of high-value groups,” he adds. “The targets they want seem to be aerospace and defense companies based in the United States, Europe and Asia.”
The report did not specify how many companies were affected.
Pulse confirmed most of Secunde Mandian’s report, noting that it has already provided solutions to prevent malware from its customers.
The VPN maker promised that the hack would affect “a limited number of customers.”