The 8220 Gang, a notorious Chinese-based threat actor group, has once again surfaced in the spotlight with a renewed assault on cloud based infrastructure. This latest campaign, unfolding from May 2023 through February 2024, showcases the gang's strategic pivot towards more sophisticated tactics and techniques, targeting both Linux and Windows platforms. Through a meticulously orchestrated operation, the group has been exploiting well-known vulnerabilities, including CVE-2021-44228 and CVE-2022-26134, underscoring a persistent threat to cloud environments worldwide.
Article Link: 8220 Gang Cyber Threats: Cloud Infrastructure & Cryptomining Tactics