{"id":297203,"date":"2025-03-06T05:09:24","date_gmt":"2025-03-06T13:09:24","guid":{"rendered":"https:\/\/sftarticles.wpenginepowered.com\/en\/?p=297203"},"modified":"2025-07-01T15:15:09","modified_gmt":"2025-07-01T22:15:09","slug":"microsoft-warns-chinese-hackers-from-silk-typhoon-strike-again-this-time-targeting-cloud-infrastructures","status":"publish","type":"post","link":"https:\/\/cms-articles.softonic.io\/en\/microsoft-warns-chinese-hackers-from-silk-typhoon-strike-again-this-time-targeting-cloud-infrastructures\/","title":{"rendered":"Microsoft warns: Chinese hackers from Silk Typhoon strike again, this time targeting cloud infrastructures"},"content":{"rendered":"\n

A new report from Microsoft\u2019s Threat Intelligence<\/strong> reveals that the Chinese-backed hacking group Silk Typhoon has escalated its attacks<\/strong>, now shifting its focus towards cloud infrastructures and remote management tools<\/strong>. The group, active since at least 2020, has been linked to multiple cyberattacks, including the recent breach of the U.S. Treasury Department<\/strong>.<\/p>\n\n\n\n

A growing cybersecurity threat<\/h2>\n\n\n\n

According to Microsoft, Silk Typhoon is targeting common IT applications<\/strong>, such as cloud solutions and remote management software<\/strong>, to gain access to sensitive systems. The group has been observed infiltrating sectors including government agencies, healthcare, legal services, and defense<\/strong>, among others. By exploiting zero-day vulnerabilities<\/strong> in edge devices, they have demonstrated technical efficiency and adaptability<\/strong>, making them one of the most persistent cyber threats today.<\/p>\n\n\n\n

Exploiting vulnerabilities and stealing credentials<\/h2>\n\n\n\n

The hackers are using stolen API keys and privileged access credentials<\/strong> to infiltrate cloud providers and management firms<\/strong>, enabling them to breach downstream customer environments<\/strong>. Microsoft notes that Silk Typhoon has developed a deep understanding of cloud deployments<\/strong>, allowing them to move laterally within networks, maintain persistence, and exfiltrate data quickly<\/strong>.<\/p>\n\n\n\n

The group also relies on\u00a0web shells to execute commands<\/strong>, ensuring they can\u00a0remain undetected within victim environments<\/strong>\u00a0for extended periods. Since tracking began in 2020, Microsoft has recorded\u00a0numerous cases where Silk Typhoon successfully maintained long-term access<\/strong>\u00a0to compromised systems, increasing the risks for affected organizations.<\/p>\n\n\n\n

Security analysts believe that\u00a0Silk Typhoon was responsible for the recent U.S. Treasury hack<\/strong>, a\u00a0major cybersecurity breach<\/strong>\u00a0linked to the compromise of BeyondTrust, a remote access software provider. This attack underscores the\u00a0group\u2019s ability to exploit third-party cybersecurity partners<\/strong>, bypassing traditional defenses and gaining access to critical systems.<\/p>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

A new report from Microsoft\u2019s Threat Intelligence reveals that the Chinese-backed hacking group Silk Typhoon has escalated its attacks, now shifting its focus towards cloud infrastructures and remote management tools. The group, active since at least 2020, has been linked to multiple cyberattacks, including the recent breach of the U.S. Treasury Department. A growing cybersecurity threat According to Microsoft, Silk Typhoon … Continue reading “Microsoft warns: Chinese hackers from Silk Typhoon strike again, this time targeting cloud infrastructures”<\/span><\/a><\/p>\n","protected":false},"author":9317,"featured_media":297204,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wpcf-pageviews":0},"categories":[1015],"tags":[],"usertag":[],"vertical":[],"content-category":[],"class_list":["post-297203","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/297203","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/users\/9317"}],"replies":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/comments?post=297203"}],"version-history":[{"count":1,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/297203\/revisions"}],"predecessor-version":[{"id":309148,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/posts\/297203\/revisions\/309148"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media\/297204"}],"wp:attachment":[{"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/media?parent=297203"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/categories?post=297203"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/tags?post=297203"},{"taxonomy":"usertag","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/usertag?post=297203"},{"taxonomy":"vertical","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/vertical?post=297203"},{"taxonomy":"content-category","embeddable":true,"href":"https:\/\/cms-articles.softonic.io\/en\/wp-json\/wp\/v2\/content-category?post=297203"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}