Prolific Chinese state-sponsored hackers are supported by various Chinese companies developing offensive cyber tools, according to SentinelLabs. The hackers have targeted organizations across multiple sectors and are linked to Chinese government agencies and private firms involved in cyber espionage and offensive operations. #SilkTyphoon #ChineseCompanies #MSS #ProxyLogon #Hafnium
Keypoints
- Chinese state-sponsored hackers, including Silk Typhoon, are backed by several Chinese companies developing offensive cyber capabilities.
- Multiple Chinese firms, such as Shanghai Firetech and Shanghai Powerock, are linked to hacking activities and private sector operations supporting MSS.
- Silk Typhoon targeted defense, healthcare, and government organizations, including the US Department of the Treasury.
- The hackers exploited the Exchange Server ProxyLogon zero-day in early 2021, possibly with government assistance.
- These Chinese companies develop advanced tools for surveillance, forensics, and HUMINT, potentially selling capabilities to regional MSS offices.