Google revealed on Wednesday that it collaborated with industry partners to take down the infrastructure of a suspected cyber espionage group with a connection to China, known as UNC2814, which compromised at least 53 organizations in 42 different countries This article explores today google threat. . In a report released today, Google Threat Intelligence Group (GTIG) and Mandiant stated, "This prolific, elusive actor has a long history of targeting international governments and global telecommunications organizations across Africa, Asia, and the Americas."
In more than 20 other countries, UNC2814 is also thought to be connected to other infections. The tech giant, which has been tracking the threat actor since 2017, has been observed using API calls to communicate with software-as-a-service (SaaS) apps as command-and-control (C2) infrastructure. It also stated that the goal is to pass off their malicious traffic as harmless.
"The confirmed or suspected operations in more than 70 countries demonstrate the global reach of UNC2814's activities, underscoring the significant threat to the government and telecommunications sectors as well as the ability of these intrusions to elude detection by defenders," Google stated. Such large-scale intrusions are typically the product of years of concentrated work and are difficult to re-establish. We anticipate that UNC2814 will put forth a lot of effort to restore its global presence.
