Chinese APT Exploits BeyondTrust Vulnerability to Breach U.S. Treasury Systems

The U.S. Treasury Department has disclosed a significant cybersecurity breach attributed to suspected Chinese state-sponsored actors. The incident, revealed on December 8, 2024, involved the compromise of a cloud-based service used by BeyondTrust, a vendor providing technical support to Treasury Departmental Offices (DO).

Using a stolen key, attackers bypassed the service’s security, gaining remote access to some Treasury user workstations and unclassified documents. The Treasury Department has since taken the affected service offline and is collaborating with the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI. Evidence suggests the involvement of a Chinese Advanced Persistent Threat (APT) group, though China has denied the allegations.

China’s foreign ministry spokesperson, Mao Ning, dismissed the claims, calling them “groundless” and reiterating China’s opposition to hacking and politically motivated disinformation.

BeyondTrust confirmed a digital intrusion impacting its Remote Support SaaS instances. Attackers exploited a compromised API key to reset application account passwords, leading BeyondTrust to revoke the key and suspend affected instances. Two security flaws in its products—CVE-2024-12356 (CVSS 9.8) and CVE-2024-12686 (CVSS 6.6)—were also uncovered, with one added to CISA’s Known Exploited Vulnerabilities catalog due to active exploitation.

A Washington Post report on January 1, 2024, revealed the breach also targeted the Office of Foreign Assets Control (OFAC) and the Office of the Treasury Secretary, underscoring Beijing’s efforts to gather intelligence on a key geopolitical rival. The incident highlights the increasing vulnerability of critical U.S. systems to sophisticated cyber threats.
