Chinese Hackers

[kyonides]

TikTok Monitors Keystrokes of Users in iOS App’s Browser

App developer and privacy researcher Felix Krause published a report on the risks associated with some iOS apps injecting JavaScript code into third-party browsers.

Of the seven most popular iOS apps analyzed, Beijing-based TikTok was the only one that didn’t give users the option to open links with a third-party browser.

Klause found that TikTok’s iOS app “monitors all taps happening on websites, including taps on all buttons and links” accessed via its in-app browser.

“TikTok iOS subscribes to every keystroke (text inputs) happening on third party websites rendered inside the TikTok app. This can include passwords, credit card information, and other sensitive user data (keypress and keydown),” Krause wrote.
...
TikTok confirmed that the code exists in its iOS app, but claimed that it doesn’t use it.

Sure, TikTok.  Sure.

Researchers uncover sophisticated global Chinese hacking operation

A Chinese hacking group simultaneously used six different backdoors against more than a dozen industrial plants, research institutes, government agencies and ministries in Belarus, Russia, Ukraine and Afghanistan, researchers with Kaspersky said Monday.
...
The vulnerability exploited in the attack, first discovered in January 2022, allowed the attackers to execute code without any additional user activity, the researchers said. In one case, they said, the attackers gained control over an unnamed cybersecurity solutions control center and ran a “golden ticket” attack, which gave them widespread access and persistence in the network.

A Chinese hacking group tracked as TA428 by multiple threat intelligence research groups is the likely culprit, the Kaspersky researchers said Monday, based on various technical indicators and overlaps with previous operations, including one that targeted a Russian-based defense contractor with ties to the Russian Navy, according to Cybereason.
...
Chinese-aligned hackers associated with multiple groups and campaigns have been busy targeting Russian entities in the wake of the Feb. 24 Russian invasion of Ukraine, primarily seeking intelligence on Russian government thinking or planning, researchers have said.

Campaigns have also included information operations targeting both domestic and international audiences that have boosted Russian disinformation narratives, a reflection of the complicated and varying tasks of the plethora of Chinese-aligned hacking groups.

Take into account how Chinese hackers had attacked the Vatican once in order to learn more about some negotiations both the Vatican and the CCP were about to hold later on.

China could be reviewing security bugs
before tech companies issue patches, DHS official says

The Chinese government appears to use its software vulnerability disclosure rules to preview dangerous zero-day flaws before tech companies can deploy fixes, a top Department of Homeland Security official said Wednesday.

Beijing’s strict vulnerability reporting rules mean government officials could get “early access” to even the most serious vulnerabilities, DHS Under Secretary for Policy Robert Silvers said during the Black Hat cybersecurity conference in Las Vegas.
...
Silvers said that a DHS review board assembled to investigate the recent Log4j software vulnerability, which was initially discovered by the Chinese tech giant Alibaba, concluded its inquiry with “very troubling” questions about Chinese disclosure rules.
...
In the case of the Log4j vulnerability, however, Alibaba revealed the flaw prior to notifying the Chinese government, according to Silvers.

Chinese companies are required to report vulnerabilities to the government within two days of discovering them. They are also barred from publicly disclosing vulnerabilities during “major national events.”

Silvers was speaking about the findings of the DHS Cyber Safety Review Board, a group of 15 top public and private sector cybersecurity experts whose inaugural investigation into the Log4j vulnerability wrapped last month. He said that board members are concerned by Chinese news reports that Alibaba was punished for publicly disclosing the vulnerability before alerting the Chinese government.
...
The board found that Alibaba told the Chinese government about the vulnerability on Dec. 13, four days after informing the Apache Software Foundation, said Silvers. The Chinese government talked to the review board but did not address whether Alibaba was penalized in any way, he said.

Here's another solid proof of how the CCP doesn't believe in (cyber) transparency at all.