China exposes series of malicious foreign websites and IP addresses used by overseas hacker groups
Global Times
By Shen Sheng Published: Jul 07, 2025 10:04 PM
China's National Computer Network Emergency Response Technical Team (CNERT/CC) has uncovered a series of malicious foreign websites and IP addresses used by overseas hacker groups to carry out ongoing cyberattacks against China and other countries, according to a statement released Monday via its official WeChat account.
These malicious websites and IP addresses are closely linked to specific Trojan programs or their command-and-control servers, said the statement. The cyberattacks include the creation of botnets and exploitation through backdoors, posing a significant threat to Chinese networked institutions and internet users.
CNERT/CC warned that the malicious websites and IP addresses primarily originate from the US, the Netherlands, Switzerland, Belgium, Poland, South Africa, and Lithuania.
According to Qin An, head of the Beijing-based Institute of China Cyberspace Strategy, the specific tactics used in these attacks—such as the deployment of Trojan programs and command-and-control servers—are tied to malicious websites and IP addresses. The cyberattacks include building botnets and exploiting system backdoors, posing a serious threat to Chinese institutions and internet users, said Qin.
"These are basic, commonly used tricks - they're not sophisticated," Qin said. "But what we need to stay alert to is the intent behind these waves of large-scale, coordinated cyberattacks."
"Beyond issuing warnings and alerts, China should take more forceful action," Qin stressed. "We should arrest and punish those hackers who launch attacks against us to send a clear message of deterrence."
|
NEWSLETTER
|
| Join the GlobalSecurity.org mailing list |
|
|
|
