DarkHotel: A campaign targeting over 200 VPN servers have been uncovered by the Chinese firm Qihoo 360. It is believed that the campaign is currently being carried out to target a number of Chinese institutions and government agencies. The campaign has been timed to line up with new orders from the Chinese government for citizens to work from home. According to Qihoo 360, DarkHotel is responsible for this current wave of attacks targeting VPNs utilized by Chinese organizations. In one case, the group exploited a previously unknown vulnerability in the enterprise VPN software Sangfor SSL then installed malicious software on a victim’s machines to steal user data.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in