Blog | G5 Cyber Security

Government VPN Servers Targeted in Zero-Day Attack

The attacks are being carried out against Chinese government interests worldwide, according to Qihoo 360. The attacks began in March on a Chinese VPN provider called SangFor, used by a number of Chinese governmental agencies. At least 200 VPN servers connecting to multiple endpoints were compromised as of the first week of April. The attack was carried out using a zero-day exploit, the firm found, adding that the campaign is complex and required a good deal of skill to execute. The vulnerability exists in an update that is triggered automatically when the VPN client starts to connect to the server.

Source: https://threatpost.com/government-vpn-servers-zero-day-attack/154472/

Exit mobile version