18 Nov 2022 | Asia Cyber Summary

In the spotlight this week:

• State-Sponsored Hackers In China Compromise Certificate Authority
• North Korean Hackers Targeting Europe and Latin America with Updated DTrack Backdoor
• Australia To Consider Banning Paying Of Ransoms To Cyber Criminals
• Hackers Strand Vanuatu Government For Over a Week
  ‍

State-Sponsored Hackers In China Compromise Certificate Authority

Researchers stated on Tuesday that nation-state hackers based in China recently infected a certificate authority, as well as a number of government and defense organizations, with a potent malware cocktail for penetrating a network and stealing sensitive data. The successful compromise of the unnamed certificate authority is potentially serious, because these entities are trusted by browsers and operating systems to certify the identities responsible for a particular server or app.

North Korean Hackers Targeting Europe and Latin America with Updated DTrack Backdoor

Hackers tied to the North Korean government have been observed using an updated version of a backdoor known as Dtrack targeting a wide range of industries in Germany, Brazil, India, Italy, Mexico, Switzerland, Saudi Arabia, Turkey, and the U.S. According to cyber security researchers, Dtrack allows criminals to upload, download, start or delete files on the victim host. The victimology patterns indicate an expansion to Europe and Latin America. Sectors targeted by the malware are education, chemical manufacturing, governmental research centers and policy institutes, IT service providers, utility providers, and telecommunication firms.

Australia To Consider Banning Paying Of Ransoms To Cyber Criminals

Following recent cyberattacks that affected millions of Australians, Australia's Home Affairs Minister Clare O'Neil stated on Sunday that the government would consider making it criminal to pay ransom to cyber hackers. The comments come after O'Neil, on Saturday, formalized a new cyber-policing model between the Australian Federal Police (AFP) and the Australian Signals Directorate - which intercepts electronic communications from foreign countries - to do "new tough policing" on cybercrime.

Hackers Strand Vanuatu Government For Over a Week

Vanuatu's government has been knocked offline for more than 11 days after a suspected ransomware attack on servers in the country. The government, police, and prime minister's offices' websites on the Pacific island have all been disabled. It has also taken down the email system, intranet and online databases of schools, hospitals and other emergency services as well as all government services and departments. About 315,000 people, spread across numerous islands, are residing in the country, and the government closure has made it difficult for them to complete basic activities like paying taxes, invoicing bills, obtaining licenses, and obtaining travel visas.