Chinese hacker group APT41 uses recent exploits to target companies worldwide
Security researchers warn that a Chinese cyberespionage group has been attacking organizations worldwide by exploiting vulnerabilities in popular business applications and devices from companies such as Cisco, Citrix and Zoho. In light of the ongoing COVID-19 crisis, the risk to companies is even greater, because IT staffs are working remotely and the rush to accommodate work-from-home employees might leave business applications exposed to the internet without adequate protection.
“Between January 20 and March 11, FireEye observed APT41 attempt to exploit vulnerabilities in Citrix NetScaler/ADC, Cisco routers, and Zoho ManageEngine Desktop Central at over 75 FireEye customers,” researchers from security firm FireEye said in a report released today. They also described the attacks as “the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years.”