Chinese state hackers targeting Microsoft customers, US tech giant says
Microsoft said it has observed three threat groups –- dubbed Linen Typhoon, Violet Typhoon, and Storm-2603 –- targeting internet-facing SharePoint servers using two newly disclosed vulnerabilities that allow attackers to bypass authentication and execute remote code.
SharePoint Server is Microsoft's collaboration and document management platform designed for businesses and organizations.
Many large organizations use SharePoint as their primary platform for internal collaboration and for storing documents, and is appreciated for working well with other Microsoft products like Office, Teams, and Outlook.
The attacks, which Microsoft said began as early as July 7, affect only on-premises SharePoint installations and do not impact the cloud-based SharePoint Online service, the company said in a security bulletin.
Microsoft warned that it 'assesses with high confidence' that the threat actors will continue their assault against vulnerable systems where companies haven't taken the necessary precautions.
The vulnerabilities allow attackers to spoof authentication credentials and execute malicious code remotely on vulnerable servers.
Microsoft has released comprehensive security updates to address the malware and urged customers to apply the patches immediately.
In their successful attacks, the Chinese hackers deployed malicious code that provides backdoor access to compromised systems. The attackers used these tools to steal machine encryption keys and maintain access to targeted networks.
Linen Typhoon, active since 2012, primarily focuses on intellectual property theft from government, defense, and human rights organizations.
Violet Typhoon, operating since 2015, conducts espionage against former government officials, NGOs, think tanks, and media organizations across the United States, Europe, and East Asia.
Storm-2603, which Microsoft assesses with 'medium confidence' to be China-based, has previously deployed ransomware but its current objectives remain unclear.
Research from cybersecurity company Check Point said the campaign began on July 7 against a major Western government and that the attacks intensified dramatically around July 18.
Since then, researchers have confirmed dozens of compromise attempts primarily targeting organizations in North America and Western Europe, Check Point said in a blog post.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
South China Morning Post
3 hours ago
- South China Morning Post
Chinese scientists break design ‘curse' that killed US Navy's X-47B drone programme
Chinese aerospace engineers have a revolutionary software design, which they say will allow them to overcome a major barrier to stealth aircraft development The new platform allows plane designers to have as many design variables as they want without increasing computing load – a feat long deemed impossible in aviation circles. The researchers described their innovation as breaking the 'dimensionality curse' and used the US Navy's X-47B, a demonstration stealth drone, to illustrate how the system worked. Once celebrated for its carrier landings and autonomous aerial refuelling, the X-47B project was cancelled in 2015 because of unresolved trade-offs between stealth, aerodynamics and propulsion. However, the Chinese software design delivered dramatic improvements to the design with 740 variables, including measures to reduce flight drag and its radar signature, as well as improving engine thrust while maintaining airflow stability. 'Traditional global optimisation algorithms face the curse of dimensionality problem,' wrote the team led by Huang Jiangtao from the China Aerodynamics Research and Development Centre in a peer-reviewed paper published in Acta Aeronautica et Astronautica Sinica earlier this month. The shape of components such as wing leading edges and engine inlet ducts affects two crucial things: how smoothly the plane flies and how easily it can be detected by enemy radars.
South China Morning Post
5 hours ago
- South China Morning Post
India to issue first tourist visas to Chinese nationals in 5 years
India will allow Chinese citizens to apply for tourist visas for the first time in five years amid ongoing efforts by the world's two most populous countries to improve relations following years of tension. The Indian embassy in Beijing said applications for tourist visas would resume on Thursday. It said applicants must complete an online form then book an in-person appointment to submit the required documents at centres in Beijing, Shanghai or Guangzhou. China's foreign ministry described the announcement as a 'positive move' that served the 'common interest' of all sides. 'China stands ready to maintain communication and coordination with India to keep facilitating people-to-people exchanges between the two countries,' Guo Jiakun, a spokesman for the ministry, said on Wednesday.
AllAfrica
6 hours ago
- AllAfrica
China's fifth-gen jets sharpen edge for drone swarm war
China may be skipping the sixth-gen fighter leap—for now—and doubling down on drone swarms, loyal wingmen and stealth upgrades to supercharge its fifth-gen fight force. This month, The War Zone (TWZ) reported that China is poised to unveil its latest autonomous air combat drones, likely 'loyal wingman' types, during a high-profile military parade in September, marking the 80th anniversary of its victory over Japan. Satellite imagery from June of the Yangfang base near Beijing—routinely used for parade preparations—reveals a diverse array of uncrewed aerial vehicles (UAVs), including five tailless designs not previously identified, indicating the People's Liberation Army's (PLA) active development of manned-unmanned teaming (MUM-T) capabilities. The push underscores China's strategic ambition to integrate unmanned combat air vehicles (UCAVs), like the GJ-11 Sharp Sword, and aircraft such as the J-20S and KJ-500 into a future air combat ecosystem augmented by AI-driven swarming and networked systems. Supplementary evidence, including recent flight footage and mockups at Shenyang's aircraft plant, supports China's accelerating investment in stealth unmanned combat aerial vehicles (UCAVs) and crewed-uncrewed operational integration. Underscoring this trend, TWZ notes that China's two-seat J-20S stealth fighter has likely entered operational PLA Air Force (PLAAF) service. The redesigned fuselage accommodates a second crew member, likely tasked with controlling loyal wingman drones for suppression and support in contested zones. Instead of pursuing a clean-sheet sixth-generation fighter, China appears to be enhancing existing systems by integrating autonomous loyal wingmen and AI-connected combat networks. This points to a shift toward scalable, distributed airpower built on human-machine teaming and drone swarms—raising questions about China's future trajectory in air combat and how it stacks up against US efforts under the Next Generation Air Dominance (NGAD) program. The Asia Times has noted that China's newly unveiled J-36 stealth fighter signals a significant advance in long-range combat capabilities. Th e tailless, triple-engine jet—reportedly the largest Chinese fighter to date—features a double-delta wing and expansive weapon bays, enabling supersonic performance and carrying heavy payloads. It features design elements that enhance overall stealth and high-altitude endurance, with diverterless supersonic inlets hinting at supercruise capability. While exact specifications remain unconfirmed, the 23-meter airframe and 7.6-meter main bay suggest potential for deep-strike missions and air dominance well beyond the First Island Chain. While Chinese media and analysts have touted the J-36 as a 'sixth-generation fighter,' the term remains loosely defined and could be exaggerated for propaganda purposes. More plausibly, the J-36 resembles a long-range fighter-bomber in the mold of Soviet and Russian designs such as the Su-34 Fullback, emphasizing payload and endurance over air-to-air dogfighting. In a potential US-China conflict over Taiwan, China's nuclear ballistic missile submarines (SSBNs) might operate in heavily defended bastions, with surface and air forces committed to protecting these zones. Supporting that view, David Logan notes in a November 2023 China Maritime Studies Institute (CMSI) report that should China adopt a bastion nuclear ballistic missile (SSBN) strategy instead of open-water patrols, it could position its boats in the South China Sea or Yellow Sea—with the former being more ideal, as the latter's shallow depth, maritime traffic, and physical characteristics favor anti-submarine warfare (ASuW) operations. However, Logan also points out that a bastion strategy would compel China to divert significant naval and air assets to defend its SSBNs, while precluding optimal launch positions south of the US to avoid American ballistic missile defense (BMD) coverage. He adds that Chinese SSBNs with the older, shorter-ranged JL-2 SLBM cannot strike the US from bastions in the South China Sea or Yellow Sea, although the newer JL-3 would allow such attacks. These bastions would likely become hunting grounds for US nuclear attack submarines (SSNs). A March 2025 report by the Chinese think tank South China Sea Strategic Situation Probing Initiative (SCSPI) highlights intensified US submarine activity in the South China Sea. It states that in 2024, the US Navy deployed at least 11 nuclear attack submarines (SSNs), including the USS Seawolf and various Los Angeles- and Virginia-class vessels. Additionally, the report notes that two guided-missile submarines (SSGNs) and one SSBN were deployed in the region, signaling a firm US deterrence posture. While US submarines threaten China's bastion strategy beneath the waves, US carrier-based fighters—or land-based aircraft operating from Japan, Taiwan, or the Philippines—would contest the airspace above. This environment would be hostile to China's long-range strike aviation, air-based nuclear deterrent platforms such as the H-6K/N strategic bomber, and anti-submarine warfare (ASuW) aircraft like the Shaanxi KQ-200. As these bastions are close to Chinese territory, a large, specialized strike fighter such as the J-36 could provide on-station fighter escort and conduct strikes against US and allied naval forces. With its size, endurance, and weapons load, the J-36 could plausibly support air defense of the bastion while threatening US naval formations beyond the First Island Chain. In this evolving force structure, China's fifth-generation aircraft, such as the J-20S, and new platforms like the J-36, may be part of a high-low mix. The J-20 may assume air superiority roles, while the J-36 could be optimized for deep-strike missions. Both would likely be supported by stealthy UCAVs such as the GJ-11 or loyal wingmen like the FH-97A to extend sensor coverage, suppress enemy air defenses or saturate targets with drone swarms. These penetrating stealth aircraft could be augmented by non-stealth platforms such as the J-15 and J-16, upgraded derivatives of the Su-27. While lacking stealth, these heavy fighters may function as 'missile trucks,' with beyond visual range (BVR) missiles like the PL-17 guided by loyal wingman drones, allowing them to engage targets from outside air defense envelopes. Meanwhile, the lower end of China's fighter mix may include multi-role platforms like the carrier-based J-35A and J-10C. These general-purpose fighters are built for contested airspace rather than deep-penetration missions, fleshing out China's layered airpower scheme. In response to these developments, the US would be well-advised to accelerate NGAD development and tightly integrate Collaborative Combat Aircraft (CCA) to stay ahead of China's MUM-T momentum and retain qualitative superiority in the air. Equally important is fast-tracking US loyal wingman drone deployment to achieve 'affordable mass,' diluting China's potential local numerical edge and improving survivability in an anti-access/area denial (A2/AD) environment. Lastly, the US should intensify efforts to harden, disperse and network its forward-deployed airpower. Ensuring US and allied forces can fight, survive, and regenerate in contested conditions is critical to avoid being taken out on the ground in the opening salvos of a Taiwan contingency.
