{"id":32956,"date":"2022-06-02T01:22:05","date_gmt":"2022-06-02T01:22:05","guid":{"rendered":"https:\/\/harchi90.com\/china-linked-hackers-are-exploiting-a-new-vulnerability-in-microsoft-office\/"},"modified":"2022-06-02T01:22:05","modified_gmt":"2022-06-02T01:22:05","slug":"china-linked-hackers-are-exploiting-a-new-vulnerability-in-microsoft-office","status":"publish","type":"post","link":"https:\/\/harchi90.com\/china-linked-hackers-are-exploiting-a-new-vulnerability-in-microsoft-office\/","title":{"rendered":"China-linked hackers are exploiting a new vulnerability in Microsoft Office"},"content":{"rendered":"\n
A newly discovered vulnerability in Microsoft Office is already being exploited by hackers linked to the Chinese government, according to threat analysis research<\/a> from security firm Proofpoint.<\/p>\n Details shared by Proofpoint on Twitter suggest that a hacking group labeled TA413 was using the vulnerability (named \u201cFollina\u201d by researchers) in malicious Word documents purported to be sent from the Central Tibetan Administration, the Tibetan government in exile based in Dharamsala, India. The TA413 group is an APT, or \u201cadvanced persistent threat,\u201d actor believed to be linked to the Chinese government and has previously been observed targeting the Tibetan exile community.<\/p>\n In general, Chinese hackers have a history of using software security flaws to target Tibetans. A report published by Citizen Lab in 2019 documented extensive targeting of Tibetan political figures with spyware, including through Android browser exploits and malicious links sent through WhatsApp. Browser extensions have also been weaponized for the purpose, with previous analysis from Proofpoint uncovering the use of a malicious Firefox add-on to spy on Tibetan activists.<\/p>\n