China-Linked Hackers Unleash Operation Digital Eye: A Comedy of Code Errors in Southern Europe
Operation Digital Eye, a suspected China-nexus cyber espionage campaign, targeted IT service providers in Southern Europe. By abusing Visual Studio Code Remote Tunnels and Microsoft Azure, the attackers tried to blend into the digital landscape like a chameleon in a paint store. The attack was neutralized before data exfiltration could occur.

Hot Take:
Operation Digital Eye? More like Operation “Peek-a-Boo, We See You!” While the suspected China-nexus cyber espionage group may have thought they were playing an advanced game of digital hide-and-seek across Southern Europe, cybersecurity experts were ready with their high-tech magnifying glasses. It’s a classic tale of cat-and-mouse—except this time, the cat’s using Visual Studio Code Remote Tunnels and the mouse is trying to pass the hash like it’s a baton in the cybersecurity Olympics.

Key Points:
- Operation Digital Eye targeted business-to-business IT service providers in Southern Europe.
- The attackers used Visual Studio Code Remote Tunnels and Microsoft Azure for command-and-control activities.
- The initial breach was accomplished via SQL injection using sqlmap.
- Custom tools like PHPsert and mimCN were used to maintain access and perform attacks.
- The campaign highlights the strategic nature of targeting IT service providers to affect downstream entities.
