![A Digital Eye on supply-chain-based espionage attacks. [Research Saturday] — CyberWire Daily cover](https://megaphone.imgix.net/podcasts/a9934928-e016-11ef-9cc6-efd6dcba4210/image/95b72a93c2ffaf8ff900d662a9bd3735.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress)
Dave Bittner
You're listening to the CyberWire Network, powered by N2K.
Dave Bittner
Your business needs AI solutions that are not only ambitious, but also practical and adaptable. That's where Domo's AI and data products platform comes in. With Domo, you can channel AI and data into innovative uses that deliver measurable impact. Secure AI agents connect, prepare and automate your data workflows, helping you gain insights, receive alerts, and act with ease through guided apps tailored to your role. Data is hard. Domo is easy. Learn more at AI.domo.com. That's AI.domo.com.

Hello, everyone. Welcome to the CyberWire's Research Saturday. I'm Dave Bittner and this is our weekly conversation with researchers and analysts, tracking down the threats and vulnerabilities, solving some of the hard problems, and protecting ourselves in our rapidly evolving cyberspace. Thanks for joining us.
Juan Andres Guerrero Sade
So this is, as always, great work by Aleksandar Milenkoski. He's in the Labs team. He's always finding some very interesting things all on his own. In this case, he collaborated with Luigi Martire over at Tinexta Cyber. So they were actually kind enough to bring the initial incident to our attention and we were able to collaborate on this one.
Dave Bittner
That's Juan Andres Guerrero Sade, better known as Jags, from SentinelOne. Today we're discussing their work, "Operation Digital Eye: Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels." Well, explain to us what Operation Digital Eye is and why it matters. Who are the primary targets here?
Juan Andres Guerrero Sade
So Operation Digital Eye is a kind of interesting next chapter in this sort of continuum of research that we've been working around, this kind of vague APT team somewhere in the general Chinese cluster. And I say vague APT team because it seems like there is some kind of campaign enablement group or malware development quartermaster that seems to be operating with a variety of other Chinese APTs, primarily to target telcos and certain sort of digital equivalent of critical infrastructure type targets. I say it's a continuum because we had originally heard about this as Operation Soft Cell. And then Alex Milenkoski discovered the next iteration, which we called Tainted Love. And now we're at the third chapter with Operation Digital Eye. So our friends are going. They're still going strong.
Dave Bittner
Well, let me just put a pin in Soft Cell and Tainted Love. As a child of the 80s, you hit me where I live. So congratulations on that.
Juan Andres Guerrero Sade
I'm glad it resonated.
Dave Bittner
Yeah, there you go. Let's talk about some of the methods here. I mean, am I reading the research right, that it starts off with SQL injection?
Juan Andres Guerrero Sade
For initial access, there's SQL injection and then they use a web shell to try to get their initial foothold in the victim organizations.
Dave Bittner
I see. Well, I think one of the key things that catches people's eyes in your research here is the use of Visual Studio Code Remote Tunnels for command and control. Let's unpack that. For folks who may not be familiar with it, what are Visual Studio Code Remote Tunnels?
Juan Andres Guerrero Sade
So Visual Studio Code is a development environment that's quite common and quite beloved amongst the general software engineering and development community. A lot of folks use this and it's a really interesting sort of useful suite of tools for developing code that, since it's so prevalent around enterprise environments and development environments, tends to get a lot of leeway as far as, like, what's allowed through firewalls, what's allowed by endpoint protection, because doing detection for developer machines is actually one of the harder scenarios. They tend to be very unusual kinds of endpoints. They tend to install a lot of things. They tend to have entirely different kinds of configurations than your average user, which also means that their tools tend to get a lot of leeway. Right. In some cases, folks might even exclude these from getting detected. Our attackers have clearly figured that part out as they took to using the novel technique of taking this Visual Studio Code IDE, this development environment, and abusing one of its native features, and I think one of the favorite native features, which is the ability to have a remote tunnel to an external system that you use for development. So think of a developer that might have a system in the cloud that's used as part of its CI/CD pipeline, or part of her way of developing some of these tools and deploying them into a specific environment. In this case, the attacker saw that capability, saw the reputation of the tool, and decided to bring it along themselves. So they're bringing a Microsoft-signed executable of VS Code, they're setting it up as a service on the machines that they infect, and then they abuse this remote tunnels capability in order to actually disguise their command and control traffic through the allowances that you would normally make for this.
Dave Bittner
And that makes it difficult to detect?
Juan Andres Guerrero Sade
Yes, extremely. Especially on the wire. Right. Like on the endpoint level, you know, if you've got a good endpoint solution, not to shill, but you should be able to see some of the behaviors there. But if you're just looking at this on the wire, as far as like the network goes, chances are this is going to get lumped in with other strange but common traffic from Visual Studio Code and from these other development boxes. Since the attackers were angling for that, they went a step further and actually registered their command and control infrastructure on Azure Cloud. And that way, if you're just trying to check your network logs or you're trying to check the reputation of the domains that your environment connects with, well, this is a seemingly innocuous connection from Visual Studio Code to Microsoft-owned cloud infrastructure. What could possibly go wrong?
Dave Bittner
Well, before we dig into some of the infrastructure things here, the research mentions that the attackers used custom Mimikatz modifications for pass the hash attacks. Can you unpack that for us?
Juan Andres Guerrero Sade
Absolutely. So this is actually where a lot of the connection comes with Soft Cell, with Tainted Love. Alex has done a great job sort of latching onto this set of semi-custom tooling that this digital quartermaster or shared operations team seems to be using. And part of that tooling is their own sort of modified version of Mimikatz. And some of the existing sort of pass-the-hash tooling, they've kept modifying it, improving it, changing it to their own liking, and in some cases even adding some, you know, custom messaging in Chinese for what we assume are other teams that are also working with their tools. So that's a part of our, you know, theory around this group, that they are building things that are being used by others. And I think it sort of speaks to perhaps the more interesting part of how some of these APT teams like Gallium and their attacks on the, you know, telecommunications sector, and in this case the B2B IT sector, how they're going about and how they are sort of segmenting the work between these different departments.
Dave Bittner
I see. Well, you mentioned that they are using Microsoft Azure and the research mentions European infrastructure for the campaign. How does this help them avoid detection?
Juan Andres Guerrero Sade
Well, this is something that's actually quite a hot topic these days as we talk about things like Volt Typhoon, Salt Typhoon and, you know, everyone's favorite sort of threat actors that are just essentially phasing all of our security mechanisms these days. Part of the new Chinese operational playbook seems to be making sure that the points of exit, the infrastructure that they use to hit their victims, is as close to their own, you know, country, borders or at least continent in a way that may not arouse suspicion. So if you think about it, especially as we start to sort of segment the different powers that defenders have across the world, there tends to be, think about the U.S., right, you've got this remit where we have these behemoths like NSA that can do amazing things only from our borders on out. And sort of these Chinese APT teams are taking the opposite mentality of saying, well, we're going to make sure that whatever network resources are going to touch our victim enterprise are coming from, you know, as close as possible, as normal as possible so that these defenders are not going to latch on to what's going on.
Dave Bittner
The call is coming from inside the house.
Juan Andres Guerrero Sade
Something like that.
Dave Bittner
Yeah. We'll be right back.

And now a message from our sponsor, Zscaler, the leader in cloud security. Enterprises have spent billions of dollars on firewalls and VPNs, yet breaches continue to rise, by an 18% year-over-year increase in ransomware attacks and a $75 million record payout in 2024. These traditional security tools expand your attack surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools. It's time to rethink your security. Zscaler Zero Trust + AI stops attackers by hiding your attack surface, making apps and IPs invisible, eliminating lateral movement, connecting users only to specific apps, not the entire network, continuously verifying every request based on identity and context, simplifying security management with AI-powered automation, and detecting threats using AI to analyze over 500 billion daily transactions. Hackers can't attack what they can't see. Protect your organization with Zscaler Zero Trust and AI. Learn more at zscaler.com/security.

Hey everybody, Dave here. Have you ever wondered where your personal information is lurking online? Like many of you, I was concerned about my data being sold by data brokers. So I decided to try DeleteMe. I have to say, DeleteMe is a game changer. Within days of signing up, they started removing my personal information from hundreds of data brokers. I finally have peace of mind knowing my data privacy is protected. DeleteMe's team does all the work for you with detailed reports so you know exactly what's been done. Take control of your data and keep your private life private by signing up for DeleteMe now at a special discount for our listeners today. Get 20% off your DeleteMe plan when you go to joindeleteme.com/N2K and use promo code N2K at checkout. The only way to get 20% off is to go to joindeleteme.com/N2K and enter code N2K at checkout. That's joindeleteme.com/N2K, code N2K.

Can we talk about Soft Cell and Tainted Love? I mean, you mentioned those. Can you kind of explain to us some of the overlaps here, some of the things that for you and your team helped connect these campaigns?
Juan Andres Guerrero Sade
Sure. So Operation Soft Cell was originally reported by researchers at Cybereason. And Alex Milenkoski was particularly interested in this team and actually revealed another attack on the telecommunications sector, along with me and Joey Chen and our friends over at QGroup. So we released that research last year as we kind of latched on to this cluster of semi-custom tooling being used particularly against telcos, to target telcos. And at the time we were sort of putting this in this operational cluster, this unidentified team somewhere in the nexus of Gallium or APT41. And frankly, if that's gibberish to you, it feels like gibberish to me, frankly, because the whole Chinese APT ecosystem right now is... it's not just complex, it's actually almost designed in a way that's very difficult for us to cluster properly. So from back then, March 2023, we were already trying to keep up with this group and understand not just who they were targeting or what they wanted from the telcos, but also how they related to some of the other teams that they seem to be enabling. So as we kind of caught on to some of the things that they were doing to customize their tooling, particularly some of these Mimikatz samples, we were able to track some of that development, and Alex recognizes that immediately in this new incident. As you look at some of their tooling, it's just a clear evolution from the things that we'd seen modified for Operation Tainted Love, and now we started to refer to them as MimCN, but it's essentially sort of a soft fork of pass-the-hash tooling and things that we were familiar enough with but are being improved by this group.
Dave Bittner
When you're talking about the Chinese APT ecosystem, and you already mentioned this notion of digital quartermasters and shared vendors, can you help us understand what your perception is of how that works? What I'm hearing is like, it sounds like things are very fluid and there's, as you said, it's hard to pin them down. Can you provide some details there?
Juan Andres Guerrero Sade
So I think there's two sides to that. The first one, fluid might be a good way to look at it; I would say maybe less regimented. We tend to have this sort of notion of how nation-state operations should be run, you know, quote unquote, should be run, from a Western perspective. We tend to think about authorities and how organizations are divided and how we divide remits and whose responsibility is what. And there tends to be some hard divisions wherein we've seen in the past it's particularly hard for different governmental organizations to play ball with each other. It seems that the Chinese APT ecosystem, or state-sponsored ecosystem of threat actors, has found some way around that. They've found a way to play nice. And what we end up seeing is there's a lot of these teams that are harder to characterize because of some of the tooling that they're using and some of the techniques. But then you also have what appears to be connective tissue between these different groups and clusters of APTs where in some cases they're sharing tooling, in some cases it seems that they might be handing off accesses, or they might prepare the ground in a certain place and have somebody else come in, some other group come in and kind of finish the job. So it's just a much more complex space. And I'll admit, I don't think that this is just coincidental. As you look at the more recent intrusions that are dogging us, particularly in the United States, there seems to be a certain amount of intentional engineering towards our blind spots, which is what's making things like the new hot topic du jour of Salt Typhoon such a nightmare for everybody.
Dave Bittner
Yeah. Let's talk about detection and mitigation. I mean, how were these attacks initially detected and disrupted before they could escalate?
Juan Andres Guerrero Sade
So, credit to our friends at Tinexta. Luigi reached out with this knowledge of this new web shell and some of the tooling that they'd originally caught onto. And from there we were able to kind of spider out and rebuild some of the operation and understand how the attackers had moved around, what they had latched onto. And then that's where Alex figures out this VS Code tunneling magic and sort of this new capability. Frankly, as far as detection and mitigation, the advice is getting a lot harder. Right. I think we used to come on here and say, hey, update your firewalls, make sure you're checking your logs, make sure that you are checking the reputation of what network connections happen, and so on. It's all very well-rounded advice. But in this particular case, I think for anybody, you know, any astute readers paying attention to the research, it really wouldn't help you too much to focus too much on the network resources. Right. We're talking about this operation being engineered towards that. So we are almost entirely dependent on endpoint protection. And I know that's convenient from somebody, you know, from someone selling some of these solutions. But as far as from an incident response perspective, we really don't have many options for detecting these anomalies unless we have great visibility on the endpoints themselves, because the network resources are not going to cut it.
Dave Bittner
What if I'm somebody who's using Visual Studio Code? I mean, how do I scrutinize a trusted tool like that without turning my normal workflows upside down?
Juan Andres Guerrero Sade
To be honest, I'm not entirely sure that there is a way for you to do that. Right. There have been some improvements to VS Code in general. And you can see, if you're an avid user, you may have noticed a certain amount of prompting asking you whether you trust the project that you're opening, whether you trust the code that you're executing. And I mean, that's all well and good, especially since we've seen, for example, North Korean APT teams targeting developers, targeting exploit researchers with malicious projects, but there's really not an easy way to account for Trojanization and the sort of, like you said, right, the call's coming from inside the house. In this case, it's very difficult to look at a tool of your own that you love, that you're getting from the right place. You're not... you know, it's digitally signed, everything is working as intended, and in this case it's being turned into essentially a LOLBin, living-off-the-land type of technique. I would go one further. When it comes to something like Visual Studio Code and a lot of the tools that developers use, there is a very laissez-faire kind of approach to how these tools use plugins. So for example, VS Code has its own plugin marketplace, and a lot of it is helpful stuff and a lot of it is great capabilities. But there is a heavy reliance there on whether you have good stewardship from Microsoft and whoever else gets to vet that code, that it doesn't become a vector for a supply chain attack. And I say that precisely because you can pull down any kind of plugin that gets put up there. It's going to run in the execution context of VS Code inside of your developer boxes. And if that sounds like it would be a lot of effort, I would suggest considering the payoff of getting on an engineer or developer's box, right? Like that's a key get when you can then turn that into a downstream supply chain compromise. So it's a lot to consider.

I don't know what to tell folks when it comes to how to develop policies around these things, because it's just very hard to adapt to what developers need. But it's a situation where if you don't have good sort of behavioral analytics as far as what's happening with this code in flight, once it's running, not when it's on disk, you're very likely to miss the entire thing.
Dave Bittner
What are some of the biggest takeaways for you here? When we're looking at Operation Digital Eye, what do you hope folks take away from your research?
Juan Andres Guerrero Sade
Well, there's a variety of things we could take away. I would actually love to emphasize not just the technique itself and the sort of this nifty little novel type of attack, but rather the level of sustained interest that we're seeing towards the telecommunications sector, towards the B2B IT sector, MSSPs, other companies that essentially are infrastructure supporters. There is a sustained effort with specific Chinese APT teams that are primarily interested in being there. And that's for good reason, right? Like it enables all kinds of attacks, further downstream compromises and general surveillance that is very hard for any of us to defend from. Right? Like we can't possibly look over the shoulders of our own telecommunications providers. We just pay them and hope that they're protecting us. So it's a very difficult situation and one that I think needs a lot more attention from the public at large because the cloud services that we rely on, the telcos that we rely on, they're being targeted quite heavily and without much of an assurance of their integrity. I don't know that we're in a good position to protect ourselves.
Dave Bittner
Our thanks to Jags from SentinelOne for joining us. The research is titled "Operation Digital Eye: Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels." We'll have a link in the show notes. And that is Research Saturday, brought to you by N2K CyberWire. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. This episode was produced by Liz Stokes. We're mixed by Elliott Peltzman and Tré Hester. Our executive producer is Jennifer Eiben. Our executive editor is Brandon Karpf. Simone Petrella is our president. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here next time.
Dave Bittner
Cyber threats are evolving every second, and staying ahead is more than just a challenge, it's a necessity. That's why we're thrilled to partner with ThreatLocker, the cybersecurity solution trusted by businesses worldwide. ThreatLocker is a full suite of solutions designed to give you total control, stopping unauthorized applications, securing sensitive data, and ensuring your organization runs smoothly and securely. Visit threatlocker.com today to see how a default-deny approach can keep your company safe and compliant.
CyberWire Daily – Episode Summary: A Digital Eye on Supply-Chain-Based Espionage Attacks
Release Date: February 1, 2025
Podcast: CyberWire Daily by N2K Networks
Episode: A Digital Eye on Supply-Chain-Based Espionage Attacks [Research Saturday]
In this episode of CyberWire Daily, host Dave Bittner talks with Juan Andres Guerrero Sade, also known as "Jags", of SentinelOne. The conversation covers recent research into Operation Digital Eye, a cyber espionage campaign targeting critical digital infrastructure: the methods the attackers employed, the evolution of the related operations that preceded it, and the broader implications for defenders.
Operation Digital Eye is the latest iteration in a series of espionage campaigns attributed to Chinese Advanced Persistent Threat (APT) groups. Luigi Martire of Tinexta Cyber brought the initial incident to SentinelOne's attention, and SentinelLabs researcher Aleksandar Milenkoski led the investigation. The operation underscores the persistent and evolving nature of Chinese cyber threats against sectors such as telecommunications and B2B IT infrastructure.
Juan Andres Guerrero Sade [02:19]: "Operation Digital Eye is a kind of interesting next chapter in this sort of continuum of research that we've been working around, this kind of vague APT team somewhere in the general Chinese cluster."
Operation Digital Eye is part of a continuum that includes the earlier campaigns Operation Soft Cell (first reported by Cybereason) and Operation Tainted Love (SentinelLabs with QGroup, March 2023). These operations show a consistent pattern of targeting telecommunications providers and comparable infrastructure, with each campaign building on the tooling seen in its predecessors.
Dave Bittner [13:11]: "When you're talking about the Chinese APT ecosystem, and you already mentioned this notion of digital quartermasters and shared vendors, can you help us understand what your perception is of how that works?"
A standout feature of Operation Digital Eye is the attackers' use of Visual Studio Code (VS Code) remote tunnels for command and control (C2). By leveraging a trusted and widely used development tool, the attackers make their C2 traffic look like ordinary developer traffic, which is very hard to single out on the network even though a capable endpoint agent can still see the behaviour.
Juan Andres Guerrero Sade [03:36]: "Our attackers have clearly figured that part out as they took to using the novel technique of taking this Visual Studio Code IDE and abusing one of its native features."
VS Code remote tunnels give the attackers a Microsoft-signed binary, installed as a service on the infected machines, whose traffic to Microsoft-hosted tunnel infrastructure rides on the allowances organisations already make for developer tooling at the firewall and on the endpoint.
Juan Andres Guerrero Sade [04:13]: "They abuse this remote tunnel's capability in order to actually disguise their command and control traffic through the allowances that you would normally make for this."
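As an added illustration, not code from the podcast or from the SentinelLabs report, the Python hunt below shows what the endpoint-side visibility Jags describes can look like in practice. It scans process-creation and network-connection records for the VS Code CLI being used to start a tunnel, for the `tunnel service install` persistence form, for a `code.exe` running from outside its normal install directory, for a web-server worker process spawning it (the web shell foothold described in the research), and for tunnel-service egress from such a binary. The event records, host names and paths are constructed for the example; the tunnel-service domain suffixes come from the public VS Code remote-tunnel documentation rather than from the page, and the install-directory and web-server-parent lists are assumptions to adapt to your own estate.

```python
import re
from collections import defaultdict

# Hostnames the VS Code CLI contacts when it opens a Remote Tunnel, per the
# public VS Code remote-tunnel documentation (not taken from the page).
TUNNEL_DOMAIN_SUFFIXES = (".devtunnels.ms", ".tunnels.api.visualstudio.com")

# Where a legitimately installed VS Code lives on Windows. Assumed convention;
# adjust to your estate. Matched case-insensitively as substrings of the path.
EXPECTED_INSTALL_DIRS = (r"\program files\microsoft vs code",
                         r"\appdata\local\programs\microsoft vs code")

# VS Code executables that accept the `tunnel` subcommand.
VSCODE_BINARIES = {"code.exe", "code-tunnel.exe", "code"}

# Parents that should never launch an IDE: web-server worker processes, which
# is where a web shell would spawn it from. Assumed list.
WEB_SERVER_PARENTS = {"w3wp.exe", "httpd.exe", "nginx.exe", "php-cgi.exe", "tomcat9.exe"}

SEVERITY = {"info": 0, "medium": 1, "high": 2}


def _basename(path: str) -> str:
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def _from_expected_dir(image: str) -> bool:
    low = image.lower()
    return any(d in low for d in EXPECTED_INSTALL_DIRS)


def analyze_event(ev: dict) -> list:
    """Return (host, severity, reason, evidence) tuples for one telemetry record."""
    out = []
    host, image = ev["Host"], ev.get("Image", "")
    if _basename(image) not in VSCODE_BINARIES:
        return out                      # not VS Code at all: nothing to say
    if ev["Type"] == "ProcessCreate":
        cmd = ev.get("CommandLine", "")
        # `code tunnel` opens a Remote Tunnel. On a developer box that is
        # expected, so on its own it is only informational context.
        if re.search(r"\btunnel\b", cmd, re.I):
            out.append((host, "info", "vscode-tunnel-started", cmd))
            # `code tunnel service install` registers the tunnel as a service:
            # the "set it up as a service" persistence the research describes.
            if re.search(r"\btunnel\s+service\s+install\b", cmd, re.I):
                out.append((host, "high", "vscode-tunnel-service-persistence", cmd))
        if not _from_expected_dir(image):
            out.append((host, "medium", "vscode-binary-outside-install-dir", image))
        if _basename(ev.get("ParentImage", "")) in WEB_SERVER_PARENTS:
            out.append((host, "high", "vscode-spawned-by-web-server", ev["ParentImage"]))
    elif ev["Type"] == "NetworkConnect":
        dest = ev.get("DestinationHostname", "").lower()
        if dest.endswith(TUNNEL_DOMAIN_SUFFIXES):
            # The destination is Microsoft-owned and passes reputation checks;
            # the signal is which binary, from where, is talking to it.
            sev = "high" if not _from_expected_dir(image) else "info"
            out.append((host, sev, "vscode-tunnel-egress", f"{image} -> {dest}"))
    return out


def hunt(events: list) -> list:
    findings = []
    for ev in events:
        findings.extend(analyze_event(ev))
    return findings


def worst_per_host(findings: list) -> dict:
    """Highest severity seen per host, for triage ordering."""
    worst = defaultdict(lambda: "info")
    for host, sev, _, _ in findings:
        if SEVERITY[sev] > SEVERITY[worst[host]]:
            worst[host] = sev
    return dict(worst)


# Constructed sample telemetry with Sysmon-like field names (an assumption).
SAMPLE_EVENTS = [
    # A developer opening a tunnel from a normal install: benign, informational.
    {"Type": "ProcessCreate", "Host": "dev-ws-07",
     "Image": r"C:\Users\alice\AppData\Local\Programs\Microsoft VS Code\Code.exe",
     "CommandLine": r'"C:\Users\alice\AppData\Local\Programs\Microsoft VS Code\Code.exe" tunnel',
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"Type": "NetworkConnect", "Host": "dev-ws-07",
     "Image": r"C:\Users\alice\AppData\Local\Programs\Microsoft VS Code\Code.exe",
     "DestinationHostname": "abc123-8080.euw.devtunnels.ms", "DestinationPort": 443},
    # A signed code.exe dropped under the web root, spawned by the IIS worker
    # (web shell), installed as a tunnel service, then calling home.
    {"Type": "ProcessCreate", "Host": "web-srv-02",
     "Image": r"C:\inetpub\wwwroot\upload\code.exe",
     "CommandLine": r"code.exe tunnel service install --accept-server-license-terms --name web-srv-02",
     "ParentImage": r"C:\Windows\System32\inetsrv\w3wp.exe"},
    {"Type": "NetworkConnect", "Host": "web-srv-02",
     "Image": r"C:\inetpub\wwwroot\upload\code.exe",
     "DestinationHostname": "global.rel.tunnels.api.visualstudio.com", "DestinationPort": 443},
    # Unrelated process: filtered out before any rule runs.
    {"Type": "NetworkConnect", "Host": "web-srv-02",
     "Image": r"C:\Windows\System32\svchost.exe",
     "DestinationHostname": "ctldl.windowsupdate.com", "DestinationPort": 80},
]

if __name__ == "__main__":
    for f in hunt(SAMPLE_EVENTS):
        print(f)
    print(worst_per_host(hunt(SAMPLE_EVENTS)))
```

The point of the severity split is that the tunnel itself is not the indicator: developers open tunnels all day. What separates the web server from the workstation is the combination of binary location, parent process and service-install persistence, which is exactly the endpoint-only context that network logs cannot supply.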
Another critical aspect of Operation Digital Eye is the deployment of customized versions of Mimikatz for pass-the-hash (PtH) attacks. Pass-the-hash lets an attacker authenticate to other Windows hosts with a captured NTLM hash instead of the password, so the modified tooling directly supports lateral movement inside victim networks.
Juan Andres Guerrero Sade [07:23]: "The attackers have kept modifying [Mimikatz], improving it, changing it to their own liking, and in some cases even adding custom messaging in Chinese for what we assume are other teams that are also working with their tools."
These modifications, including messages written in Chinese apparently for other operators, point to a shared development effort: tooling maintained by one group and used by several, which SentinelLabs has tracked from Operation Tainted Love onward under the name MimCN.
Operation Digital Eye's infrastructure strategy involves hosting C2 endpoints on Microsoft Azure and using European-based infrastructure. The aim is twofold: the connections from victims look like ordinary VS Code traffic to Microsoft-owned cloud, so domain reputation checks pass, and the infrastructure that touches victims sits geographically close to them, so its origin does not arouse suspicion.
Juan Andres Guerrero Sade [08:52]: "The attackers are registering their command and control infrastructure on Azure Cloud. This makes their connections seem innocuous as they appear to originate from trusted Microsoft-owned cloud infrastructure."
The discussion highlights the fluid and interconnected nature of the Chinese APT ecosystem. Unlike more rigidly structured state-sponsored groups, Chinese threat actors exhibit a high degree of collaboration and tool-sharing, complicating attribution and defense efforts.
Juan Andres Guerrero Sade [15:36]: "There's a lot of these teams that are harder to characterize because of some of the tooling that they're using and some of the techniques."
This fluidity allows for rapid adaptation and the seamless integration of new tools and methods across different APT groups, enhancing their overall effectiveness and persistence.
Detecting and mitigating operations like DigitalEye presents significant challenges. Traditional network-based defense mechanisms struggle to identify such sophisticated and stealthy attacks, especially when legitimate tools like VS Code are exploited.
Juan Andres Guerrero Sade [17:35]: "For anybody, you know, any astute readers paying attention to the research, it really wouldn't help you too much to focus too much on the network resources."
The reliance shifts heavily towards endpoint protection and behavioral analytics, as network-level monitoring alone becomes insufficient against these advanced tactics.
The episode underscores the precarious position of developers who rely on trusted tools like Visual Studio Code. The potential for these tools to be compromised highlights the vulnerability of the software supply chain.
Juan Andres Guerrero Sade [19:20]: "There's a very laissez-faire kind of approach to how these tools use plugins. So for example, VS Code has its own plugin marketplace... There's a heavy reliance on whether you have good stewardship from Microsoft to vet that code doesn't become a vector for a supply chain attack."
This situation necessitates stringent policies and enhanced vigilance in monitoring the behavioral aspects of development tools to prevent supply chain compromises.
Operation Digital Eye serves as a stark reminder of the sustained and evolving threat posed by Chinese APT groups targeting critical infrastructure. The key takeaway is less the tunnel technique itself than the sustained interest in telecommunications providers, B2B IT firms, MSSPs and other infrastructure supporters: a foothold there enables downstream compromises and surveillance that the customers of those providers can neither see nor defend against.
Juan Andres Guerrero Sade [22:02]: "There is a sustained effort with specific Chinese APT teams that are primarily interested in being there. And that's for good reason... We just pay them and hope that they're protecting us."
The episode calls for increased awareness and proactive measures to safeguard critical infrastructure and the broader digital ecosystem from such pervasive and stealthy threats.
"A Digital Eye on Supply-Chain-Based Espionage Attacks" provides a comprehensive analysis of the latest Chinese APT operations targeting essential digital infrastructure. Through a detailed exploration of Operation Digital Eye's methods and the broader APT landscape, listeners gain valuable insight into the challenges and necessities of modern cybersecurity defenses.
Produced by Liz Stokes, mixed by Elliott Peltzman and Tré Hester, and executive produced by Jennifer Eiben. Executive Editor: Brandon Karpf. President: Simone Petrella. Publisher: Peter Kilpe.