As the Chinese government turns to virtual private networks (VPNs) to provide access to official resources for those working remotely amid the COVID-19 pandemic, the DarkHotel APT has seized the opportunity to target those VPNs in a zero-day attack, researchers said.
According to security analysts from Chinese firm Qihoo 360, attacks began in March on a Chinese VPN provider called SangFor, used by a number of Chinese governmental agencies. At least 200 VPN servers connecting to multiple endpoints were compromised as of the first week of April, they added.
