June 11th, 2024 By Sergiu Gatlan
The Dutch Military Intelligence and Security Service (MIVD) warned today that the impact of a Chinese cyber-espionage campaign unveiled earlier this year is "much larger than previously known."
As the MIVD disclosed in February in a joint report with the General Intelligence and Security Service (AIVD), Chinese hackers exploited a critical FortiOS/FortiProxy remote code execution vulnerability (CVE-2022-42475) over a few months between 2022 and 2023 to deploy malware on vulnerable Fortigate network security appliances.
"During this so-called 'zero-day' period, the actor infected 14,000 devices alone. Targets include dozens of (Western) governments, international organizations and a large number of companies within the defense industry," the MIVD said.
The Coathanger remote access trojan (RAT) malware used in the attacks was also found on a Dutch Ministry of Defence network used in the research and development (R&D) of unclassified projects. Still, due to network segmentation, the attackers were blocked from moving to other systems.