Hackers breached China’s National Games ahead of last year’s competition

An unidentified hacking group has gained access to the internal IT network of the 2021 National Games of China.

The competition, which took place in September 2021 in the city of Shaanxi, is an internal sporting event for Chinese athletes only, modeled after the rules of the Olympic Games and the event where national champions are crowned across different sporting events.

Avast said that roughly 12 days before the event’s start, unknown attackers gained access to a public server and an SQL database belonging to the event’s organizers and proceeded to install web shells so they could access systems at later points.

“After gaining access, the attackers tried to move through the network using exploits and bruteforcing services in an automated way,” Avast said in a report published on Thursday.

To achieve lateral movement, Avast said the attackers used an exploitation framework written in the Go programming language that included plugins for several known vulnerabilities.

The security firm said it learned of the incident from an incident response report that contained details about the breach its researchers found on VirusTotal, a web platform owned by Google where users can upload and scan files for malware.

“Based on the initial information from the report and our own findings, it appears the breach was successfully resolved prior to the start of the games,” Avast added.

The Czech security firm said it was unable to determine what information the hackers stole but said that they “have reason to believe [the attackers] are either native Chinese-language speakers or show high fluency in Chinese.”

Catalin Cimpanu

Catalin Cimpanu is a former cybersecurity reporter for Record Future News. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.

Recent Posts

Deepfake news anchors spread Chinese propaganda on social media

In a series of videos posted on Twitter, Facebook and YouTube, Chinese state-aligned actors used…

5 hours ago

New info-stealing malware used against Ukraine organizations

A new information-stealing malware named Graphiron is being used against a wide range of targets…

11 hours ago

Hackers used fake websites to target state agencies in Ukraine and Poland

Hackers attempted last week to infect Ukrainian government computer systems with malware hosted on fake…

12 hours ago

‘No evidence of malicious access,’ Toyota says about serious bug exploited by outside researcher

Toyota said it remediated the vulnerability discovered by researcher Eaton Zveare. The company referred others…

13 hours ago

Turkey’s government restricts access to Twitter amid earthquake response

Internet traffic data showed that Twitter was totally inaccessible from with Turkey. The government has…

14 hours ago

CISA publishes recovery script for ESXiArgs ransomware as Florida courts, universities reel

CISA adapted work by two Turkish developers into a script for recovering files affected by…

15 hours ago