TrueConf Zero-Day Exploited in Asian Government Attacks by Chinese Hackers
Chinese hackers exploited a zero-day vulnerability in TrueConf video conferencing software to attack government agencies in Asia, compromising a central server used by dozens of government entities.
Key Points
- Chinese hackers exploited zero-day vulnerability in TrueConf video conferencing software
- Compromised central server serving dozens of government entities
- Attackers replaced legitimate updates with malicious code
- Attribution to Chinese threat actors by Check Point researchers
Full Details
Security researchers at Check Point have uncovered a sophisticated cyberattack campaign, dubbed TrueChaos, in which Chinese hackers exploited a zero-day vulnerability in the TrueConf video conferencing platform. The attackers compromised an on-premises TrueConf server operated by a governmental IT department, which served as the video conferencing platform for dozens of government entities across the country. The hackers replaced legitimate software updates with malicious ones, effectively infecting all clients that connected to the compromised server. This attack demonstrates how threat actors abuse trusted relationships between central infrastructure and end users. The incident highlights the significant risks of supply chain attacks in government IT systems and the sophistication of state-sponsored cyber operations targeting Asian governments.
Why It Matters
This attack demonstrates the vulnerability of government supply chains to sophisticated state-sponsored hackers. Organizations should carefully verify software update integrity and implement additional security layers for critical infrastructure.
Get stories like this delivered daily
AI-curated news, personalized to your interests. Zero noise.
Start 7-Day Free Trial →More in Global News
Seriously wounded US airman rescued from Iran, Trump says
The recovery of the airman follows separate search efforts by both the US and Iran.
Hungary alleges plot to blow up gas pipeline ahead of election
The incident comes a week before the polls, and follow warnings of a potential operations staged to influence voters.
How downed F-15 US airman was rescued inside Iran
The US has rescued the missing crew member of the US F-15 fighter jet which was shot down over southern Iran.
UK Green Party Pushes Church-State Separation Policy, Critics Warn of Break from Christian Roots
Britain's Green Party is advocating for a policy to separate church and state, removing religious considerations from political office, drawing criticism from those who warn it would sever the nation's historic Christian heritage.