Targeting of telecommunication companies, internet service providers, and the data services sector
Date of report
  • April 2022
Affiliations
Chinese threat actor Hafnium targeted an un-patched zero-day vulnerability in Zoho products to implant a web shell. Hafnium exploited the Windows Task Scheduler to execute hidden scheduled tasks, allowing the malware to avoid detection.
Suspected victims
  • Telecommunication companies, internet service providers, and the data services sector
Suspected state sponsor
  • China
Type of incident
  • Espionage
Target category
  • Private sector