Referring to the hackers as APT41, Christopher Glyer, Dan Perez, Sarah Jones, and Steve Miller of FireEye stated, “This activity is one of the most widespread campaigns we have seen from China-nexus espionage actors in recent years. While APT41 has previously conducted activity with an extensive initial entry such as the trojanizing of NetSarang software, this scanning and exploitation has focused on a subset of our customers, and seems to reveal a high operational tempo and wide collection requirements for APT41.” They noted, “Between January 20 and March 11, FireEye observed APT41 attempt to exploit vulnerabilities in Citrix NetScaler/ADC, Cisco routers, and Zoho ManageEngine Desktop Central at over 75 FireEye customers.”
Cyberscoop explained, “APT41 zeroed in on victims by going after vulnerabilities in Citrix’s Application Delivery Controller (ADC), Cisco’s routers, and Zoho’s ManageEngine Desktop Central, according to FireEye. The Citrix vulnerability was publicly revealed a month prior to APT41’s campaign, and a researcher only revealed code for a zero-day remote code execution vulnerability in Zoho ManageEngine Desktop Central three days before the group took advantage, suggesting the group is interested in promptly taking advantage of reported flaws.”
https://www.dailywire.com/news/stat...ampaign-against-u-s-in-early-2020-report-says