Cybersecurity researchers from CrowdStrike have discovered that China funded hacking group Aquatic Panda was busy indulging in spying and espionage activities related to industrial intelligence and military secrets.
Researchers from the security firm argue that said threat group was actively taking part in intelligence collection since May 2020, when almost the entire world was busy jostling with COVID-19 pandemic propelled lockdown and aftermath consequences.
The good news is that the law enforcement agencies of western countries managed to disrupt their attacks to a large extent. However, they could not weed out the objective of Aquatic Panda in finding ways to gain access to intellectual property related to telecom, government and few technology companies.
CrowdStrike stated that the focus of the cyber crooks has now shifted to VMware environments running in educational institutions- all by exploiting the newly found Log4J Shell vulnerability.
Last week, US CISA issued an advisory saying that some threat actors group funded by Iran, North Korea, Turkey, and China were constantly on a prowl of exploiting Logj4 vulnerability to induct ransomware and other such malicious software.
So, it is urging all businesses to take appropriate measures to mitigate all cyber risks associated with Log4j2 issues.
Note- Found in 2012, Aquatic Panda is found relying heavily on cobalt strike, the remote access exploiting tool. Chinese intelligence is seen funding this group of Threat Actors whose primary job is to steal valuable data related to companies and governments includes details linked to R&D of products, services and medicines funded by public and private companies.
