![]() ![]() In a security alert published today, the French National Cybersecurity Agency, also known as ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information), published a list of 161 IP addresses that have been hijacked by APT31 in recent attacks against French organizations. The agency said the APT31 attacks started at the beginning of 2021 and are still ongoing.įrench officials said that APT31’s proxy botnet was used to perform both reconnaissance operations against their targets, but also to carry out the attacks themselves. In a series of tweets today, Ben Koehl, a security researcher for the Microsoft Threat Intelligence Center, said APT31 was using this proxy network to make it appear that attacks are coming from the target organization’s national IP address space. ![]() One of the reasons for this tactic is that some organizations might be blocking incoming traffic from international IP addresses as a security measure.ĬERT-FR reports that #APT31 is using compromised routers to target French organisations: Hk960m network chinese taptap bilibililiaotechcrunch series# Hk960m network chinese taptap bilibililiaotechcrunch series#.Hk960m network chinese taptap bilibililiaotechcrunch driver#. ![]()
0 Comments
Leave a Reply. |