Chinese Ministry of State Security Accused of Hacking Online Betting Sites
China’s Ministry of State Security Linked to Global Cyberattacks
A recent study has unveiled a widespread pattern of cyberattacks across 17 countries, targeting online gambling platforms and political entities. These cyber intrusions, reportedly carried out by hackers associated with China’s Ministry of State Security, have been ongoing since 2021.
Insikt Group Exposes RedHotel’s Cyber Espionage
The Insikt Group, a threat research division of Recorded Future, has been investigating RedHotel, an advanced cyber-espionage organization allegedly backed by China. RedHotel is known for orchestrating sophisticated malware attacks and espionage missions in Southeast Asia and Asia.
Varied Targets and Activities
The cyber network’s reach spans countries like Afghanistan, Bangladesh, Cambodia, Hong Kong, India, Malaysia, Palestine, the Philippines, Taiwan, Thailand, the U.S., and Vietnam. While major political entities were the primary focus, even online gambling platforms were not spared.
Jon Condra, a member of Recorded Future’s Strategic and Persistent Threats team, highlights RedHotel’s significant role in promoting China’s interests. The group’s activities, which are tracked by Microsoft and SecureWorks, encompass diverse global organizations and industries.
The victims include pro-democracy organizations, research institutions, religious minorities, and online gaming companies. In 2022, RedHotel reportedly breached an unidentified U.S. state government, and it continues its intelligence gathering coupled with economic espionage.
Chengdu: Operational Nexus of Cyber Threats
RedHotel operates primarily from Chengdu, China, as part of several state-supported groups. Its actions contribute to China’s military capabilities and economic dominance. Nations in Southeast Asia face significant risks from this group, while RedHotel diversifies its targets.
Researchers state that RedHotel’s primary goal is intelligence collection and financial spying. Investigations into their cyberattacks have been ongoing since 2019.
The group’s tactics include disguising malware as legitimate Microsoft troubleshooting software. Once it gains access, it extracts data and transmits it persistently while remaining undetected.
Recent reports suggest compromised government infrastructures, with Chinese malware found on critical military systems and infiltration of top levels of the Japanese government.
The audacious actions of RedHotel highlight the urgent need for heightened cybersecurity measures globally.