"'Chimera' Threat Group Abuses Microsoft & Google Cloud Services"
Researchers with NCC Group and Fox-IT have detailed a new threat group called Chimera. According to the researchers, this group targets Microsoft and Google cloud services to achieve goals aligned with the Chinese government's interests. Chimera tries to exfiltrate data belonging to various target organizations, including those in the semiconductor and airline industries, via cloud services. Chimera was involved in multiple incident response engagements between October 2019 and April 2020. The researchers revealed that Chimera has remained undetected in a network for up to three years. Chimera performs credential stuffing or password spraying attacks against a victim's remote service using usernames and passwords from previous breaches. This article continues to discuss the Chimera threat group's interests, targets, and attack methods.
Dark Reading reports "'Chimera' Threat Group Abuses Microsoft & Google Cloud Services"