Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Chinese VPN used by APT actors relies on hacked servers

Chinese VPN used by APT actors relies on hacked servers

2015/08/04

Securityweek - (International) Security researchers at RSA analyzed a Chinese virtual private network (VPN) service dubbed "Terracotta" and found that the service has at least 31 hacked Windows server nodes worldwide in hospitality, government organizations, universities, technology services providers, and private firms. Researchers have observed compromised servers running the Gh0st Remote Administration Tool (RAT), the Mitozhan trojan, and the Liudoor Backdoor, among others.

Source: http://www.securityweek.com/chinese-vpn-used-apt-actors-relies-hacked-servers

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:53