UNITED24 - Make a charitable donation in support of Ukraine!

Homeland Security

Global Times

China exposes series of malicious foreign websites and IP addresses used by overseas hacker groups

Global Times

By Shen Sheng Published: Jul 07, 2025 10:04 PM

China's National Computer Network Emergency Response Technical Team (CNERT/CC) has uncovered a series of malicious foreign websites and IP addresses used by overseas hacker groups to carry out ongoing cyberattacks against China and other countries, according to a statement released Monday via its official WeChat account.

These malicious websites and IP addresses are closely linked to specific Trojan programs or their command-and-control servers, said the statement. The cyberattacks include the creation of botnets and exploitation through backdoors, posing a significant threat to Chinese networked institutions and internet users.

CNERT/CC warned that the malicious websites and IP addresses primarily originate from the US, the Netherlands, Switzerland, Belgium, Poland, South Africa, and Lithuania.

According to Qin An, head of the Beijing-based Institute of China Cyberspace Strategy, the specific tactics used in these attacks—such as the deployment of Trojan programs and command-and-control servers—are tied to malicious websites and IP addresses. The cyberattacks include building botnets and exploiting system backdoors, posing a serious threat to Chinese institutions and internet users, said Qin.

"These are basic, commonly used tricks - they're not sophisticated," Qin said. "But what we need to stay alert to is the intent behind these waves of large-scale, coordinated cyberattacks."

"Beyond issuing warnings and alerts, China should take more forceful action," Qin stressed. "We should arrest and punish those hackers who launch attacks against us to send a clear message of deterrence."



NEWSLETTER
Join the GlobalSecurity.org mailing list