A Chinese hacker uses a zero-day vulnerability to compromise 81K Sophos devices.

Charges against a Chinese national who allegedly breached some 81,000 Sophos firewall devices worldwide in 2020 were unveiled by the US government yesterday. Guan Tianfeng, also known as Gbigmao and Gxiaomao, was charged with conspiracy to commit wire fraud and conspiracy to commit computer fraud. Additionally, Tianfeng has been charged with developing and testing the zero-day vulnerability that was used to carry out the attacks on Sophos devices.

With a CVSS score of 9.8, the zero-day vulnerability in question is identified as CVE-2020-12271. It is a critical SQL injection vulnerability that could allow a threat actor to achieve remote code execution (RCE). A federal arrest warrant for Tianfeng, who is thought to be residing in Sichuan Province, China, was issued in the US District Court for the Northern District of Indiana, Hammond Division.

The US Department of State's Rewards for Justice Program is offering an award of up to $10 million for information on Tianfeng, on Sichuan Silence Technology Company Ltd. (the company whose offices he worked from), and on related persons and their malicious activities.

In a press statement, Assistant Attorney General for National Security Matthew Olsen stated, "The defendant and his conspirators compromised tens of thousands of firewalls and then continued to hold these devices, which protect computers in the United States and around the world, at risk." "The Department of Justice will hold accountable those who contribute to the dangerous ecosystem of China-based enabling companies that carry out indiscriminate hacks on behalf of their sponsors and undermine global cybersecurity."