Security News Chinese hackers infect Dutch military network with malware

Gandalf_The_Grey

A Chinese cyber-espionage group breached the Dutch Ministry of Defence last year and deployed malware on compromised devices, according to the Military Intelligence and Security Service (MIVD) of the Netherlands.

However, despite backdooring the hacked systems, the damage from the breach was limited due to network segmentation.

"The effects of the intrusion were limited because the victim network was segmented from the wider MOD networks," said MIVD and the General Intelligence and Security Service (AIVD) in a joint report.

"The victim network had fewer than 50 users. Its purpose was research and development (R&D) of unclassified projects and collaboration with two third-party research institutes. These organizations have been notified of the incident."

During the follow-up investigation, a previously unknown malware strain named Coathanger, a remote access trojan (RAT) designed to infect FortiGate network security appliances, was also discovered on the breached network.

"Notably, the COATHANGER implant is persistent, recovering after every reboot by injecting a backup of itself in the process responsible for rebooting the system. Moreover, the infection survives firmware upgrades," the two Dutch agencies warned.

"Even fully patched FortiGate devices may therefore be infected, if they were compromised before the latest patch was applied."
 

LennyFox

A background article in a Dutch quality newspaper (Volkskrant, which is behind a paywall) states clearly that Fortinet issued a patch in December 2022, which that (small) department did not implement. :eek::eek::eek: Luckily that department was a stand-alone department, not connected to the main defense network.
 

Gandalf_The_Grey

Dutch military network hacked via FortiGate; Volt Typhoon botnet in US systems for 5 years
An espionage operation by the Chinese government in a computer network of the Dutch military has probably been uncovered. The military network was hacked via a vulnerability in FortiGate. This is also relevant for other Fortinet customers. And it has since been revealed that the Volt Typhoon botnet, which was allegedly operated by Chinese state-affiliated hackers and recently shut down by the FBI, had probably been in existence for five years. The US security agency CISA published further details on Feb. 7, 2024.
 
