This espionage-focused group has been active for at least two years and relies on tools already installed on compromised devices, which the attackers operate manually. The campaign was disclosed by Microsoft and documented in recommendations from cybersecurity agencies in the US, Australia, Canada, New Zealand and the UK.
The attackers use compromised routers in homes and small offices to conceal themselves and build a proxy infrastructure that lets them operate through local ISPs. The group focuses on collecting data, including credentials, using command-line instructions, archiving it for later exfiltration, and maintaining persistence with stolen valid credentials. They also blend into normal network activity by routing traffic through compromised network equipment such as routers, firewalls, and VPN equipment.
It is assumed that the purpose of the campaign is to develop capabilities to disrupt critical communications infrastructure between the US and Asia during future crises. Guam’s strategic importance makes it a prime target for hackers, especially in the face of escalating tensions around Taiwan.
Source: Ferra