DarkHotel: A campaign targeting over 200 VPN servers have been uncovered by the Chinese firm Qihoo 360. It is believed that the campaign is currently being carried out to target a number of Chinese institutions and government agencies. The campaign has been timed to line up with new orders from the Chinese government for citizens to work from home. According to Qihoo 360, DarkHotel is responsible for this current wave of attacks targeting VPNs utilized by Chinese organizations. In one case, the group exploited a previously unknown vulnerability in the enterprise VPN software Sangfor SSL then installed malicious software on a victim’s machines to steal user data.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is