China-linked LapDogs Campaign Drops ShortLeash Backdoor with Fake Certs


ShortLeash backdoor, used in the China-linked LapDogs campaign since 2023, enables stealth access, persistence, and data theft via compromised SOHO routers and fake certs.

Cybersecurity experts at SecurityScorecard have discovered a widespread cyber espionage operation, dubbed LapDogs, which has compromised an unknown number of devices (probably thousands) around the world since September 2023.

This stealthy campaign, likely originating from a China-based group, focuses on long-term surveillance and data theft, primarily targeting the United States, Japan, South Korea, Taiwan, and Hong Kong.

Exploiting Everyday Devices

According to research by SecurityScorecard’s STRIKE team, unlike typical cyberattacks that aim for quick access, LapDogs uses a clever method involving what experts call Operational Relay Boxes (ORBs). An ORB is a compromised device, often a Small Office/Home Office (SOHO) router or an Internet of Things (IoT) device, that attackers use to secretly route their traffic.

SOHO routers are those used in small businesses ...


Copyright of this story solely belongs to hackread.com.