Storia in 2 fonti

Chinese hackers hijack auth flow, spy on isolated network for a decade

Chinese hackers took control of a target organization's authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity.

Raccontata da

thehackernews.com

bleepingcomputer.com

Confronto fonti

2 prospettive sulla stessa storia

AI · summaries

bleepingcomputer.comStai leggendo5 g fa

Chinese hackers hijack auth flow, spy on isolated network for a decade

Velvet Ant backdoored PAM/OpenSSH on isolated infrastructure for 10 years, capturing all admin credentials since 2016. Auth compromise bypasses detection—defense requires EDR on auth stack, offline immutable backups, and file integrity monitoring.

originale

thehackernews.com6 g fa

China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade

China-linked group Velvet Ant compromised PAM/OpenSSH—the Linux authentication layer—for nearly a decade, stealing credentials while evading detection through the trusted login system itself. For IT managers, this signals that authentication infrastructure requires file-integrity monitoring, not passive alerting; password resets fail when PAM/SSH are backdoored.

Leggi questa versione → originale

Timeline cronologica

venerdì 12 giugno 2026·thehackernews.com
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Sygnia says Velvet Ant modified Linux PAM and OpenSSH components to steal credentials and maintain stealthy access since 2016.
sabato 13 giugno 2026·bleepingcomputer.com
Chinese hackers hijack auth flow, spy on isolated network for a decade
Chinese hackers took control of a target organization's authentication stack and maintained persistence for 10 years, with full visibility into the administrative activity.