In a recent cyber incident, a Chinese state-backed hacking group employed ransomware to target a South Asian software company, demanding $2 million. The attackers leveraged a vulnerability in Palo Alto Networks, deployed PlugX malware associated with the Chinese espionage group Fireant, and pilfered AWS credentials before encrypting the systems.
The significance of this attack lies in the evolving landscape of cyber threats, with state-sponsored espionage groups now venturing into ransomware activities. This event, which took place last November, underscores a concerning trend of government-backed entities partaking in financially driven cybercrimes.