Chinese hackers hijack auth flow, spy on isolated network for a decade
Chinese hackers hijacked an authentication flow to spy on an isolated network for a decade, as reported by BleepingComputer. The attackers compromised the authentication process, enabling them to maintain persistent access and monitor the network without detection. The breach lasted approximately ten years, highlighting the sophistication and patience of the threat actors. The isolated nature of the targeted network suggests it was air-gapped or otherwise segregated, yet the attackers found a way to infiltrate via the authentication mechanism. The source does not specify the exact techniques used, the identity of the victims, or the data exfiltrated. The long duration of the espionage campaign underscores the challenges in detecting advanced persistent threats, especially when they target authentication flows that are typically trusted. No remediation steps or affected-user details are provided in the source.
Developers must secure authentication flows against hijacking to prevent long-term undetected access.