China-Backed Hackers Used Microsoft Flaw in Attacks, Defenders Say
The breaches in the United States and other countries took advantage of a disastrous security flaw that drew attention this month, after Microsoft issued a patch that fixed only part of the problem in SharePoint, which is widely used to coordinate work on documents and projects.
'We assess that at least one of the actors responsible for this early exploitation is a China-nexus threat actor,' said Charles Carmakal, chief technology officer of Google's Mandiant Consulting.
Another researcher, who, like others, spoke on the condition of anonymity because the inquiry is still underway, said federal investigators have evidence of U.S.-based servers linked to compromised SharePoint systems connecting to internet protocol addresses inside China on Friday and Saturday.
The FBI, the White House, and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency declined to comment Monday.
Two other responders working with the U.S. government said they had identified early attacks from China as well. The Chinese Embassy in Washington did not immediately respond to a request for comment.
The attacks allowed hackers to extract cryptographic keys from servers run by Microsoft clients. Those keys, in turn, would let them install anything, including back doors that they could use to return. Federal and state agencies were affected, researchers previously told The Washington Post, but it remains unclear which of them were vulnerable to follow-up attacks.
Only versions of SharePoint that are hosted by the customer, not those in the cloud, are vulnerable. Microsoft issued effective patches for the last of the exposed versions by Monday.
While installing the patches should prevent new intrusions, customers also need to change the machine's digital keys, apply anti-malware software and hunt for any breaches that have already occurred, Microsoft said.
Some of the early targets of the attack were entities that would interest the Chinese government, two of the responders said. But a wide range of attackers were now trying similar grabs, others said, looking to steal corporate secrets or install ransomware that encrypts key files until payments are made.
'It's critical to understand that multiple actors are now actively exploiting this vulnerability. We fully anticipate that this trend will continue, as various other threat actors, driven by diverse motivations, will leverage this exploit as well,' Carmakal said.
Piet Kerkhofs, CTO and co-founder of Europe-based Eye Security, said the SharePoint breaches share characteristics with other compromises that security researchers have attributed to China-based hackers.
For instance, hackers this month exploited a vulnerability in Citrix's NetScaler virtual desktop that some researchers saw being used by Chinese actors, Kerkhofs said. That hack was similar to the SharePoint compromise in that it turned a freshly discovered vulnerability into an 'exploit' or weapon – in 'extremely fast' order, 'hours to days,'' he said.
Another instance was China's global compromise of Microsoft Exchange email servers in early 2021. That case involved hackers sponsored by the Chinese government conducting widespread exploitation of core Microsoft software – its Exchange email server software.
That breach has been attributed to group that Microsoft calls Silk Typhoon, which is linked to China's Ministry of State Security. It is one of the most technically advanced hacking groups in the world and has been striking sensitive U.S. targets at an increased rate in the past year, The Post reported last week.
Silk Typhoon has broken into multiple U.S. federal agencies in the past and more recently hit multiple ministries in Europe, The Post reported.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
SoraNews24
12 minutes ago
- SoraNews24
Gacha capsule toy machine you control with your brain/prayers created in Japan【Video】
Designers want Mushin Gacha in arcades, anime specialty shops, and character cafes. We're in a gacha capsule toy golden age in Japan right now, with an unprecedented variety of items available to suit just about every interest and aesthetic taste. But while toy designers are constantly coming up with new prizes to stock gacha machines with, the purchasing process has changed very little: toss your coins into the slot, then turn the handle until a capsule drops for you. But what if instead of turning the handle with your hand, you could turn it with your mind? That's the idea behind Mushin Gacha, a new type of capsule toy machine dreamed up by Tokyo-based neurotechnology and AI research/solutions company Araya. 'Mushin' has a number of possible meanings, but among them are associations with innocence or desire, and those are aspects of the mental state you must achieve to get their Mushin Gacha prize capsule to drop. ▼ Mushin Gacha demonstration video Users don an electroencephalograph head sensor which measures their brain's current level of alpha waves, said to be produced when the mind is in a relaxed state. At the same time, a camera equipped with AI image recognition software will check to see if you've got your hands clasped in a 'please give me a gacha capsule' pose. Fulfilling those conditions, showing an unabashed genuine desire, will activate the Mushin Gacha's motor, causing it to drop your prize capsule. ▼ If you're wondering why it needs a crank at all, it's because gacha is the onomatopoeia of the clunking noise it makes as it turns, so it'd be weird to make a gacha machine without that traditional aural factor, even if it's so cutting-edge you operate it with your brain. Araya says it hopes to install Mushin Gacha machines at video game arcades, anime/manga specialty stores, shopping center game corners, fan events, popup stores, and themed cafes. The preview images show a 'Please insert coin' message on the screen, but it's not clear what happens if you don't achieve the right combination of prayer pose and alpha waves right away. Theoretically, operators could set it to so that players have an unlimited amount of time/number of chances to keep trying in, or perhaps could set a time limit after which no prize is won and the player needs to step aside and let someone else have a turn. Although the unit in the preview video is made out of cardboard, it feels like a safe bet that that's just a pre-production mockup, and that a more substantial and high-tech housing is in the works, and perhaps something Araya has in the works for its upcoming demonstration for visitors at this year's Tokyo Game Show in September. Source: PR Times Top image: PR Times Insert images: YouTube/Araya Inc., PR Times ● Want to hear about SoraNews24's latest articles as soon as they're published? Follow us on Facebook and Twitter!
Asahi Shimbun
9 hours ago
- Asahi Shimbun
India's Modi announces credit worth $565 million to the Maldives and launches free trade talks
Indian Prime Minister Narendra Modi, center, and Maldives President Mohamed Muizzu, center right, watch a traditional welcome dance upon Modi's arrival at the airport, in Male, Maldives, July 25. (Indian Prime Ministers Office via AP) COLOMBO, Sri Lanka--Indian Prime Minister Narendra Modi on Friday announced a $565-million line of credit to the Maldives during a visit to the Indian Ocean archipelago, as the two countries launched formal talks for a free-trade agreement. Modi is visiting the Maldives, known for its upmarket tourist resorts, to mark the 60th anniversary of its independence and diplomatic relations between the two countries. The announcement came during Modi's joint media statement with Maldives' President Mohamed Muizzu. The two-day visit is crucial to India's ambition to control the seas and shipping routes of the Indian Ocean in a race with its regional rival China. It also marks the further easing of diplomatic tensions between the two nations that followed the election of pro-China Muizzu in 2023. Regional powers India and China compete for influence in the archipelago nation, which is strategically located in the Indian Ocean. On Friday, Modi witnessed the exchange of agreements to cooperate in sectors such as fisheries, health, tourism and digital development. He also formally handed dozens of heavy vehicles to the Maldives' defense forces. 'India is Maldives' closest neighbor. Maldives holds an important place in both India's neighborhood- first policy and ocean vision," Modi said. 'India is also proud to be Maldives' most trusted friend.' The line of credit will be used for 'infrastructure and development projects in line with the priorities of the people of the Maldives,' he said. "India will continue to support Maldives in developing its defense capabilities. Peace, stability and prosperity in the Indian Ocean region is our common goal," he added. During Muizzu's visit to India last October, India announced financial support to the cash-strapped Maldives in the form of a $100-million treasury bills rollover and the countries signed a $400-million currency swap agreement. Tensions between India and the Maldives grew since Muizzu, who favored closer ties with China, was elected in 2023 after defeating India-friendly incumbent Ibrahim Mohamed Solih. Leading up to the election, Muizzu had promised to expel Indian soldiers deployed in the Maldives to help with humanitarian assistance. Last year New Delhi replaced dozens of its soldiers in the Maldives with civilian experts. Measure by Modi to promote tourism in India's Lakshadweep archipelago, off the southwestern coast of the Indian mainland, also sparked anger from Maldivians, who saw it as a move to lure Indian tourists away from their country. Indian celebrities then called for a tourism boycott to the Maldives. The dispute deepened when Muizzu visited China ahead of India in January last year, a move seen by New Delhi as a snub. On his return, Muizzu spelled out plans to rid his tiny nation of dependence on India for health facilities, medicines and import of staples. Relations started to improve after Muizzu attended Modi's swearing-in ceremony for a third five-year term. Muizzu has toned down his anti-Indian rhetoric, and official contacts with New Delhi have intensified as concerns grew about Maldives' economy. India has long been a critical provider of development assistance to the Maldives. Meanwhile, the Maldives joined China's Belt and Road Initiative in 2013 to build ports and highways and expand trade as well as China's influence across Asia, Africa, and Europe. Modi will attend the Maldives' 60th independence anniversary from being a British protectorate on Saturday.
Japan Today
9 hours ago
- Japan Today
China urges global consensus on balancing AI development, security
Chinese Premier Li Qiang is seen on a screen at the opening ceremony of the World Artificial Intelligence Conference in Shanghai on July 26, 2025 By Rebecca Bailey with Luna Lin in Beijing China's Premier Li Qiang warned Saturday that artificial intelligence development must be weighed against the security risks, saying global consensus was urgently needed even as the tech race between Beijing and Washington shows no sign of abating. His remarks came just days after US President Donald Trump unveiled an aggressive low-regulation strategy aimed at cementing US dominance in the fast-moving field, promising to "remove red tape and onerous regulation" that could hinder private sector AI development. Opening the World AI Conference (WAIC) in Shanghai on Saturday, Li emphasised the need for governance and open-source development, announcing the establishment of a Chinese-led body for international AI cooperation. "The risks and challenges brought by artificial intelligence have drawn widespread attention... How to find a balance between development and security urgently requires further consensus from the entire society," the premier said. Li said China would "actively promote" the development of open-source AI, adding Beijing was willing to share advances with other countries, particularly developing ones. "If we engage in technological monopolies, controls and blockage, artificial intelligence will become the preserve of a few countries and a few enterprises," he said. "Only by adhering to openness, sharing and fairness in access to intelligence can more countries and groups benefit from (AI)." The premier highlighted "insufficient supply of computing power and chips" as a bottleneck. Washington has expanded its efforts in recent years to curb exports of state-of-the-art chips to China, concerned that these can be used to advance Beijing's military systems and erode US tech dominance. For its part, China has made AI a pillar of its plans for technological self-reliance, with the government pledging a raft of measures to boost the sector. In January, Chinese startup DeepSeek unveiled an AI model that performed as well as top US systems despite using less powerful chips. 'Pet tiger cub' - At a time when AI is being integrated across virtually all industries, its uses have raised major ethical questions, from the spread of misinformation to its impact on employment, or the potential loss of technological control. In a speech at WAIC on Saturday, Nobel Prize-winning physicist Geoffrey Hinton compared the situation to keeping "a very cute tiger cub as a pet". "To survive", he said, you need to ensure you can train it not to kill you when it grows up. In a video message played at the WAIC opening ceremony, UN Secretary-General Antonio Guterres said AI governance would be "a defining test of international cooperation". The ceremony also saw the French president's AI envoy, Anne Bouverot, underscore the "an urgent need" for global action. At an AI summit in Paris in February, 58 countries including China, France and India -- as well as the European Union and African Union Commission -- called for enhanced coordination on AI governance. But the United States warned against "excessive regulation", and alongside the United Kingdom, refused to sign the summit's appeal for an "open", "inclusive" and "ethical" AI. © 2025 AFP
