Advertisement

Chinese hackers using 'Terracotta' VPN to hijack servers of small businesses and attack government sites

Reading Time:1 minute
Why you can trust SCMP
0
'Terracotta' has reportedly been hacking into legitimate servers and selling them on to other cyber criminals. Photo: Reuters

Hackers in China have been taking control of website servers from small businesses with weak security protocols and using them to mask their attacks on bigger prizes like government data sites, according to security researchers. 

RSA Research said that a virtual private network (VPN) platform in China, which it dubbed "Terracotta", has been hacking into servers used by legitimate businesses. 

"It would appear that by just hacking these [servers] and stealing the bandwidth and computing power, there's considerable cost savings involved," Peter Beardmore, RSA’s senior consultant for threat intelligence marketing, told CSO Online. 

The servers are then sold as “digital camouflage” to other cyber criminals. 

VPN services have a number of legitimate purposes, such as giving office workers remote access to a company’s network, or helping skirt China's Great Firewall, but they can also serve more nefarious purposes in the hands of hackers. 

Advertisement