Google-owned security company Mandiant issued a report on Thursday. The report expressed “high confidence” that the group exploiting a software vulnerability in Barracuda Networks’ Email Security Gateway was engaged in “espionage activity in support of the People’s Republic of China. And that the hack compromised tens of thousands of computers globally.
Mandiant describes a massive hack
”Suspected state-backed Chinese hackers used a security hole in a popular email security appliance to break into the networks of hundreds of public and private sector organizations globally, nearly a third of them were government agencies including foreign ministries.
“This is the broadest cyber espionage campaign known to be conducted by a China-nexus threat actor since the mass exploitation of Microsoft Exchange in early 2021,” Charles Carmakal, Mandiant’s chief technical officer, said in an emailed statement.
Mandiant’s report highlights the broad scope of the cyber espionage campaign orchestrated by the China-nexus threat actor.
