March 5, 2025 By Bill Toulas
Microsoft warns that Chinese cyber-espionage threat group 'Silk Typhoon' has shifted its tactics, now targeting remote management tools and cloud services in supply chain attacks that give them access to downstream customers.
The tech giant has confirmed breaches across multiple industries, including government, IT services, healthcare, defense, education, NGOs, and energy.
"They [Silk Typhoon] exploit unpatched applications that allow them to elevate their access in targeted organizations and conduct further malicious activities," reads Microsoft's report.
"After successfully compromising a victim, Silk Typhoon uses the stolen keys and credentials to infiltrate customer networks where they can then abuse a variety of deployed applications, including Microsoft services and others, to achieve their espionage objectives."
Silk Typhoon storms IT supply chains
Silk Typhoon is a Chinese state-sponsored espionage group known for hacking the U.S. Office of Foreign Assets Control (OFAC) office in early December 2024 and stealing data from the Committee on Foreign Investment in the United States (CFIUS).
