Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the neve domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/vhosts/sigmacybersecurity.com/httpdocs/wp-includes/functions.php on line 6114
Barracuda Email Hack leaks government emails in America - Sigma Cyber Security
Skip to content

Barracuda Email Hack leaks government emails in America

China has been targeting email servers in American government networks, raising concerns about data exploitation. A state-sponsored criminal group deployed two variations of malware on the Barracuda Email Security Gateway (ESG) between October and December 2022. The extent of the cyberattacks is still under investigation, but suspicions point to UNC4841, an intelligence group believed to be backed by Beijing. The attack’s primary objective appears to be the extraction of sensitive information from high-ranking government officials in North America. In response, Barracuda has released an update addressing the Zero-Day vulnerability in ESG appliances. The Cybersecurity and Infrastructure Security Agency (CISA) also disclosed that the same Chinese group was responsible for unleashing malware on other high-value targets. According to Austin Larsen, a Senior Incident Response Consultant at Mandiant, espionage actors with affiliations to China have refined their toolsets to be more impactful, elusive, and efficient.

Key Points:
1. China has targeted email servers in American government networks, potentially exploiting data.
2. Barracuda Email Security Gateway (ESG) was compromised with two variations of malware.
3. UNC4841, an intelligence group believed to be backed by Beijing, is suspected as the orchestrator of the attacks.
4. The cyberattacks aimed to extract sensitive information from high-ranking government officials in North America.
5. Barracuda has released an update to address the Zero-Day vulnerability in ESG appliances.
6. The Cybersecurity and Infrastructure Security Agency (CISA) confirmed the Chinese group’s involvement in malware attacks on other high-value targets.
7. Espionage actors with affiliations to China have improved their toolsets to be more impactful and elusive.

Leave a Reply

Your email address will not be published. Required fields are marked *