Suspected Chinese espionage group used a Roundcube exploit chain to burrow into universities
China-aligned attackers broke into the networks of U.S. and Canadian universities to steal sensitive data and establish persistent access via webshells and backdoors, Proofpoint threat researchers said Tuesday.
The espionage-motivated attacks targeted physics and engineering departments, focusing on administrators and professors with national security links or organizations researching astrophysics and particle physics.
Proofpoint identified less than 10 university victims and estimates a few dozen universities may be impacted, Greg Lesnewich, principal threat researcher at Proofpoint, told CyberScoop. The company first observed the campaign in May and believes the campaign is ongoing.
Read more at CyberScoop