Date of report
- April 2022
Affiliations
Chinese threat actor Hafnium targeted an un-patched zero-day vulnerability in Zoho products to implant a web shell. Hafnium exploited the Windows Task Scheduler to execute hidden scheduled tasks, allowing the malware to avoid detection.
Suspected victims
- Telecommunication companies, internet service providers, and the data services sector
Suspected state sponsor
- China
Type of incident
- Espionage
Target category
- Private sector