China-linked Group Targets IT Service Providers in Europe
/ 1 min read
🕵️♂️ China-linked cyber espionage group targets IT service providers in Southern Europe. A recent report by cybersecurity firms SentinelOne and Tinexta Cyber reveals that a suspected Chinese cyber espionage group conducted attacks on business-to-business IT service providers as part of Operation Digital Eye. The intrusions, which occurred from late June to mid-July 2024, were thwarted before data exfiltration could occur. The attackers exploited Microsoft Visual Studio Code and Azure for command-and-control operations, using techniques like SQL injection and a custom version of Mimikatz for lateral movement within networks. The campaign highlights the strategic threat posed by such groups, as breaching IT service providers can grant access to a broader digital supply chain.
