Shady Chinese government-backed hacker group is unmasked - as authorities issue dire warning: 'Ongoing threat'

Shady Chinese government-backed hacker group is unmasked - as authorities issue dire warning: 'Ongoing threat' Australia and five eyes partners identified the group Hundreds of usernames and passwords stolen READ MORE: Medibank hacker is named By Dominic Giannini For Australian Assocated Press Published: 08:27, 9 July 2024 | Updated: 08:33, 9 July 2024 e-mail View comments Australia and allies have unmasked a Chinese government-backed hacking group that has targeted the public and private sectors. The Australian government and Five Eyes partners, New Zealand , Canada , the US and UK, along with Germany , Japan and Korea have identified state-sponsored group APT40 as being behind the attacks. The group was acting on behalf of China 's powerful Minister of State Security and has been blamed for espionage and hacks, including against one Australian entity in April 2022 when hundreds of usernames and passwords were stolen.

'The threat they pose to our networks is ongoing,' the Australian Signals Directorate (ASD) said in a joint advisory on Tuesday. The group targeted outdated networks and devices that are no longer maintained, the ASD said. 'APT40 continues to find success exploiting vulnerabilities from as early as 2017.

' Compromised software included versions of Log4, Atlassian Confluence and Microsoft Exchange, according to the advisory. One Australian organisation was compromised between July and September 2022, with APT40 able to map the network and execute control. Austral.