The US Justice Department has indicted Chinese state security officers and hackers from APT27 and i-Soon for their involvement in a series of global cyberattacks and network breaches since 2011, targeting various governmental and private entities. This crackdown is part of a larger initiative to combat cyber threats from state-sponsored hackers.
Affected: US federal and state government agencies, foreign ministries, US-based dissidents, religious organizations, technology companies, healthcare systems, universities, defense contractors.
Keypoints:
- The US Justice Department has charged Chinese hackers linked to APT27 and i-Soon for cyberattacks.
- Victims include US government agencies, foreign ministries, dissidents, and a religious organization.
- The indicted individuals include MPS officers and i-Soon employees involved in intrusions and data theft.
- The State Department is offering a million reward for information leading to the arrest of the individuals charged.
- Notable techniques included exploiting vulnerabilities, installing malware, and exfiltrating data.
- The crackdown signifies an intensified effort against cyber threats from Chinese state-sponsored hackers.
- OFAC has previously sanctioned other Chinese entities related to cyberattacks on US infrastructure.
MITRE Techniques:
- T1071.001 – Application Layer Protocol: The hackers exploited application layer protocols to establish communication with compromised networks.
- T1086 – PowerShell: Malware such as PlugX was utilized to create persistent access on victim machines.
- T1041 – Exfiltration Over Command and Control Channel: Stolen data was exfiltrated to the hackers’ controlled servers.
- T1070.001 – Indicator Removal on Host: The attackers may have employed techniques to remove indicators of compromise post-exploitation.
- T1083 – File and Directory Discovery: They identified and stole significant data from compromised networks.
Full Story: https://www.prsol.cc/2025/03/07/us-charges-chinese-hackers-linked-to-critical-infrastructure-breaches/