China government-linked hackers caught running a seriously dangerous ransomware scam
Posted by:
James Thompson
A Chinese state-sponsored threat actor, Emperor Dragonfly, typically focused on cyber-espionage, surprised experts by deploying ransomware against an Asian software company. Symantec researchers noted the unusual move, with the attackers using the RA World ransomware and demanding a $2 million ransom. This unexpected tactic raised suspicions that the ransomware attack might be a smokescreen for a larger espionage operation. The hackers exploited a known Palo Alto vulnerability to breach the company’s infrastructure, steal data, and encrypt computers. This incident marks a shift in tactics for Chinese threat actors, who usually prioritize espionage over ransom demands.
Recent Posts1
