### #ZeroDayExploitation #SQLInjection #StateSponsoredHacking
Summary: US authorities have charged Chinese national Guan Tianfeng with exploiting a zero-day vulnerability to hack tens of thousands of Sophos firewall devices globally. His actions are linked to state-sponsored cyber operations, raising concerns about national security.
Threat Actor: Guan Tianfeng
Key Points:
- Guan exploited the SQL injection vulnerability (CVE-2020-12271) to compromise approximately 81,000 devices.
- The malware developed was designed to steal sensitive information while evading detection by mimicking legitimate resources.
- Sichuan Silence, Guan’s employer, is linked to China’s Ministry of Public Security and is believed to support state-sponsored cyber operations.
- The US State Department is offering a $10 million reward for information leading to Guan’s capture or identification of other cyber actors targeting US interests.
Original Source: https://www.justice.gov/opa/pr/china-based-hacker-charged-conspiring-develop-and-deploy-malware-exploited-tens-thousands
Cyber Law and Cybercrime Investigation Blog: Immuniweb