CyberSecurityBoard
Sponsor Register Login

China-linked hackers target European healthcare orgs in suspected espionage campaign | The Record from Recorded Future News

A previously unknown hacking group has been spotted targeting European healthcare organizations using spyware linked to Chinese state-backed hackers and a new ransomware strain, researchers said. The hackers, dubbed Green Nailao, deployed ShadowPad and PlugX malware, both commonly associated with Chinese cyberespionage groups, as well as a previously undocumented ransomware strain called NailaoLocker. NailaoLocker, the new ransomware strain discovered in the campaign, was described by researchers as “relatively unsophisticated and poorly designed.” It encrypts files and leaves a ransom note demanding payment in Bitcoin via a ProtonMail address. The campaign, which took place in the second half of 2024, likely exploited a vulnerability in security products from an Israel-based cybersecurity firm, according to researchers at Orange Cyberdefense. The vulnerability likely enabled the hackers to steal user credentials and access virtual private networks (VPNs) using legitimate accounts, the researchers said. ShadowPad, a backdoor suspected to be privately shared or sold among Chinese cyber operators since at least 2015, has been deployed in cyberespionage campaigns against governments, energy firms, think tanks and technology companies. PlugX, another malware frequently used by Chinese state-backed hackers, was first observed in attacks on Japan in 2008 and has since been deployed against targets across Asia. Check Point patched the flaw last May, but researchers said the devices targeted by hackers were likely still vulnerable at the time of their compromise. State-backed hackers, including those linked to China, have previously targeted healthcare organizations, researchers said. Orange Cyberdefense said it could not attribute the campaign to a specific actor said the hackers were likely linked to China. Researchers said it was unusual for ShadowPad to be linked to ransomware deployment, raising questions about the hackers’ motives.

This Cyber News was published on therecord.media. Publication date: Fri, 21 Feb 2025 01:15:09 +0000


Cyber News related to China-linked hackers target European healthcare orgs in suspected espionage campaign | The Record from Recorded Future News

China-linked hackers target European healthcare orgs in suspected espionage campaign | The Record from Recorded Future News - A previously unknown hacking group has been spotted targeting European healthcare organizations using spyware linked to Chinese state-backed hackers and a new ransomware strain, researchers said. The hackers, dubbed Green Nailao, deployed ShadowPad ...
2 months ago Therecord.media
Cybersecurity in the Healthcare Industry: Protecting Patient Data - In the rapidly advancing era of technology, the healthcare industry faces a critical challenge: protecting patient data from cyber threats. This article will emphasize the significance of cybersecurity in the healthcare industry and explore the ...
1 year ago Securityzap.com
Why healthcare data is often the target of ransomware attacks - Healthcare data in recent years has been a very lucrative target for cyberattacks, particularly ransomware, with attackers holding healthcare information, and potentially patient lives, for ransom. Cybercriminals are increasingly focusing on ...
11 months ago Techtarget.com
European firms urge China to give more clarity on data transfer laws - AP Moeller - Maersk A/S Siemens AG BEIJING, Nov 15 - European firms "Urgently" need China to give clearer definitions of key terms in its cross-border data transfer rules, a European business lobby group said on Wednesday, warning firms also stood to ...
1 year ago Reuters.com
Best Cloud Security Providers for Healthcare Services - Cloud Security Providers for Healthcare offer specialized services to protect data and applications hosted in cloud environments. When picking a cloud security providers for healthcare, it's important to think about things like how well they follow ...
1 year ago Cybersecuritynews.com
The Imperative for Robust Security Design in the Health Industry - COMMENTARY. In an era dominated by digital innovation and technological advancements, healthcare companies find themselves at the intersection of immense opportunity and equally unprecedented risk. The digitalization of patient records, electronic ...
1 year ago Darkreading.com
Changing How Healthcare Works: Big News in Communication - In a pivotal transformation within the healthcare industry, a prominent shift is currently unfolding. Direct Secure Messaging has emerged as a game-changer, modernising the way vital information is shared among healthcare providers, pharmacies, and ...
1 year ago Cysecurity.news
Unveiling the true cost of healthcare cybersecurity incidents - As healthcare organizations increasingly rely on interconnected systems, electronic health records, and telemedicine, the industry becomes a prime target for malicious actors seeking to exploit vulnerabilities. The consequences of a cybersecurity ...
1 year ago Helpnetsecurity.com
Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
2 years ago Securityweek.com
HHS to investigate UnitedHealth and ransomware attack on Change Healthcare - The U.S. Department of Health and Human Services is launching an investigation into the ransomware attack on Change Healthcare following weeks of disruption to healthcare and billing operations at hospitals, clinics and pharmacies across the country. ...
1 year ago Therecord.media LockBit
Uncovering Chinas Surveillance of the United States Spies Hackers and Informants - Last week, a Chinese surveillance balloon in the United States caused a diplomatic uproar and raised concerns about how Beijing collects intelligence on its biggest rival. FBI Director Christopher Wray said in 2020 that Chinese spying is the most ...
2 years ago Securityweek.com Silence
China's Dogged Campaign to Portray Itself as Victim of US Hacking - For more than two years, China's government has been attempting to portray the US as indulging in the same kind of cyber espionage and intrusion activities as the latter has accused of carrying out over the past several years. A recent examination of ...
1 year ago Darkreading.com Volt Typhoon
Pharmacy Delays Across US Blamed on Nation-State Hackers - Change Healthcare, a technology services provider for pharmacies, experienced a cyberattack from a suspected nation-state threat actor that has created widespread delays for patients who need prescription refills across the US. Change Healthcare is a ...
1 year ago Darkreading.com
Ransomware's appetite for US healthcare sees known attacks double in a year - Following the February 21 attack on Change Healthcare, scores of people in the US have been living with the brutal, real-world effects of ransomware. It has also created skyrocketing pharmacy bills, pushed some healthcare providers to the edge of ...
1 year ago Malwarebytes.com Rocke LockBit
TikTok fined €530 million for sending European user data to China - The Irish Data Protection Commission (DPC) has fined TikTok €530 million (over $601 million) for illegally transferring the personal data of users in the European Economic Area (EEA) to China, violating the European Union's GDPR data protection ...
6 days ago Bleepingcomputer.com
Transforming in the Age of Healthcare Digitalization - Healthcare and technology increasingly intersect in today's world, and cybersecurity has become a primary concern for many companies. The recent attack on Change Healthcare serves as a harsh reminder of the vulnerabilities facing the healthcare ...
10 months ago Cyberdefensemagazine.com
Future Health: AI's Impact on Personalised Care in 2024 - As we dive into the era of incorporating Artificial Intelligence into healthcare, the medical sector is poised for a profound transformation. AI holds immense potential in healthcare, offering groundbreaking advancements in diagnostics, personalised ...
1 year ago Cysecurity.news
Russian media, academia targeted in espionage campaign using Google Chrome zero-day exploit | The Record from Recorded Future News - Last June, Kaspersky discovered another espionage campaign, dubbed Operation Triangulation, that exploited two vulnerabilities in Apple devices. Russian security researchers discovered sophisticated new malware used in an espionage campaign targeting ...
1 month ago Therecord.media CVE-2025-2783
China-Nexus Hackers Attacking Organizations Infrastructure & High-Value Customers - A sophisticated China-linked threat actor has been conducting extensive cyber espionage operations targeting critical infrastructure and high-value organizations across multiple sectors. This activity cluster, tracked as PurpleHaze, demonstrates ...
1 week ago Cybersecuritynews.com
Chinese Hackers Using New BRICKSTORM Malware to Attack Windows & Linux Machines - Notably, unlike the Linux variant reported by Mandiant, the Windows samples lack direct command execution capabilities—a suspected deliberate choice to evade detection by security solutions that analyze parent-child process relationships. The ...
3 weeks ago Cybersecuritynews.com
Cybersecurity Management Lessons from Healthcare Security Breaches - 2024 looks like it will only increase the number of affected individuals considering the scale of ransomware attacks from the first half of the year in the USA, Canada, and Australia. Unusual activity detected on May 8, 2024, caused Ascension ...
11 months ago Esecurityplanet.com Black Basta
How 'Big 4' Nations' Cyber Capabilities Threaten the West - COMMENTARY. There are four nations deemed by the US and UK governments to pose the greatest threat to the West. Russia's cyber-threat activities are primarily focused on offensive cyber operations, China's are focused on cyber espionage, Iran's on ...
1 year ago Darkreading.com
Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations - Cybersecurity researchers have discovered what they say is malicious cyber activity orchestrated by two prominent Chinese nation-state hacking groups targeting 24 Cambodian government organizations. "This activity is believed to be part of a ...
1 year ago Thehackernews.com Mustang Panda
'Sex life data' stolen from UK government among record number of ransomware attacks - Data on the sex lives of up to 10,000 people was stolen from a British government department in one of the record number of ransomware attacks to have hit Westminster in the first half of this year. It is not known which department the information ...
1 year ago Therecord.media
US govt probes if ransomware gang stole Change Healthcare data - The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group subsidiary Optum, which operates the Change Healthcare platform, in late ...
1 year ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)