The Winnti Group, associated with the Chinese government and best known for financially motivated attacks and industrial espionage, has turned its attention to Hong Kong. ESET reports finding that Winnti is using its eponymous Trojan to drop the ShadowPad backdoor on machines at five Hong Kong universities. The apparent purpose of the extensive campaign is to collect intelligence on protests of the Mainland’s role in the city. ShadowPad has many modules well-adapted to collection: one of them, for example, is a keylogger.
The US welcomes the EU’s decision on 5G network security, seeing it as European acknowledgement of the unacceptable risks untrusted suppliers bring. Computing reports that Secretary of State Pompeo is confident the US and UK will reach an understanding over Huawei.
The website of Serbian independent media outlet TV N1 has been disabled by distributed denial-of-service attacks this week, possibly DDoS for hire purchased from operators in China. The attacks come, says Balkan Insight, during a squabble with state-owned media over broadcast rights.
BleepingComputer reports that Microsoft has seen a resurgence of the EvilCorp cyber gang, phishing with malicious Excel files.
Vade Secure has found data stolen in the 2015 Ashley Madison breach resurfacing in highly specific blackmail attempts against former customers of the adultery facilitation service.
Digital Shadows says that the Sodinokibi ransomware crew is offering a $15 thousand prize for the best essay on a hacking topic. The researchers leave open the question of whether this represents a serious sharing of expertise or just “threat actor showboating.”