Chinese hackers develop LONGLEASH malware to expand ORB network

Summary

Chinese hackers, identified as UAT-7810, are deploying new malware named LONGLEASH to expand their ORB network. This operation primarily targets unpatched Ruckus routers connected to the internet, suggesting a focus on infrastructure compromise for their malicious activities.

IFF Assessment

FOE

The development and deployment of new malware by a sophisticated threat actor to expand their network infrastructure poses a direct threat to network security and data integrity.

Defender Context

This article highlights an evolving threat from Chinese-linked hackers targeting network infrastructure, specifically Ruckus routers. Defenders should prioritize patching internet-facing devices, especially those from Ruckus, and monitor for signs of compromise related to ORB networks. The use of malware like LONGLEASH underscores the need for robust network segmentation and intrusion detection capabilities.

Read Full Story →