Chinese in the Dutch Army Network (x 5 years)

A major Chinese government spying operation on a Dutch military network has been revealed. The military network was compromised through a FortiGate vulnerability. This also applies to her other customers Fortinet.

The Volt Typhoon botnet, allegedly operated by Chinese state hackers and recently shut down by the FBI, was also revealed to have been around for five years. The American security agency CISA post more details on February 7, 2024.Dutch military

A network of the Dutch armed forces has been targeted by state hackers from China, as can be seen from the tweet below.

However, according to the Dutch Military Intelligence and Security Service (MIVD), this is a network used for unclassified research and development (R&D from research and development).

https://bsky.app/profile/ninjaowl.ai/post/3kksqer2e4e2u

screenshot 2024 02 09 16 53 23

The attack took place in 2023, with attackers exploiting a known critical vulnerability in FortiOS SSL VPN (CVE-2022-42475, CVSS Score: 9.3) that allows an unauthenticated attacker to run arbitrary code via specially crafted requests.

China was spying on the Netherlands with the new remote access trojan (RAT) “COATHANGER” malware.

The successful exploitation of the vulnerability mentioned above paved the way for COATHANGER to be installed as a backdoor that gave hackers remote access to the network.

More information

http://www.ncsc.nl/documenten/publicaties/2024/februari/6/mivd-aivd-advisory-coathanger-tlp-clear

https://www.ncsc.nl/actueel/advisory?id=NCSC%2D2022%2D0763

https://www.reuters.com/technology/cybersecurity/china-cyber-spies-hacked-computers-dutch-defence-ministry-report-2024-02-06/

https://github.com/JSCU-NL/COATHANGER

iGuRu.gr The Best Technology Site in Greeceggns

Get the best viral stories straight into your inbox!















Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).