Hackers around the world continuously test systemssecurity firms, government and financial organizations, in an effort to illegally obtain the necessary information or steal funds. Some hacker groups, such as APT20 from China, are sometimes associated with official authorities. Fox-IT released a report, Operation Wocao: Shedding Light on One of China's Hidden Hacking Groups, which talks about the work of APT20 members who recently circumvented two-factor authorization (2FA) and penetrated the servers of one of the largest corporations.
APT20 grouping uses hidden methodwork, exercise extreme caution. The organization’s trail disappeared in 2011, and many experts began to talk about stopping the APT20. Meanwhile, according to Fox-IT experts, the hackers worked on a method for circumventing two-factor authentication to ensure penetration of corporate networks into servers. At the same time, the attackers adhere to the principle of using standard solutions, without creating their own software by which they can be tracked.
Overcoming a two-factor authorization systemmade possible after the abductions of the RSA SecurID token, from the network needed by the attackers. Based on this token, hackers were able to create only one key, which opened access to the system. There is no need to get physical access to generate a system access code. When there is no need to import the RSA SecurID core and create access keys from different places, the check is limited to the character area of the key, which was done by the “experts” from APT20.
However, an investigation into the incident revealed thatthis method is not a vulnerability of the 2FA method, since hackers received the RSA SecurID token, either from the insider’s hands or simply stolen, which facilitated their access to the system. Currently, hackers are expelled from the corporation’s network, and no damage is reported.
Source: FoxIT
Related articles
A NASA scientist clearly showed how slow the speed of light can be.- Yandex Maps will receive a significant update
- Electric vehicles will need more metals instead of oil. But there is good news: they can be recycled
- Solar-powered drone Alphabet and SoftBank began to distribute Internet on the LTE network (4 photos + video)
- Action camera DJI Osmo Action 4: a new sensor, stabilization and two screens (12 photos)
- Samsung announces new 50MP ISOCELL GN1 sensor with large pixels and fast focus
- Cool cameras and everything else: details about the upcoming flagship Vivo X100 Pro +
- Samsung suspected of lying - Galaxy Z Flip clamshell smartphone has a plastic screen (video)
