Chinese hackers exploited vulnerabilities in Citrix, Cisco and Zoho

Chinese hackers exploited vulnerabilities in Citrix, Cisco and Zoho

New York, 25.3.2020

Between January 20 and March 11, FireEye witnessed an attempt by Chinese hacker group APT41 to exploit vulnerabilities in Citrix NetScaler/ADC, Cisco routers and Zoho ManageEngine Desktop Central at over 75 FireEye customers in one.
The target of this year’s largest cyber-espionage campaigns was critical enterprise infrastructure. „This activity is one of the most widespread campaigns we’ve seen in recent years from China Exus spies. The new activity of this group shows how resourceful and how quickly they can use newly discovered vulnerabilities to their advantage,“ noted FireEye researchers.
Target countries included Australia, Canada, Denmark, Finland, France, India, Italy, Japan, Malaysia, Mexico, the Philippines, Poland, Qatar, Saudi Arabia, Singapore, Sweden, Switzerland, the United Arab Emirates, the United Kingdom and the United States. The following industries were targeted: Banking/Finance, Construction, Defense, Government, Healthcare, High Technology, Higher Education, Law, Manufacturing, Media, Nonprofit, Oil and Gas, Petrochemical, Pharmaceutical, Real Estate, Telecommunications, Transportation, Travel and Utilities.