EN
  • Cyber stability
  • Secops
  • Risks management
  • Digital transformation
  • Digital Sovereignty
  • Cybercrime
  • Industry and OT
  • Fraud
  • Digital identity
  • Cyber +
    • A Chinese Cyber Espionage Group Targeted Juniper Routers
    • Home
    • Cybercrime
    • A Chinese Cyber Espionage Group Targeted Juniper Routers

    A Chinese Cyber Espionage Group Targeted Juniper Routers

    Written by
    The Editorial Team
    03.17.25
    Cybercrime
    01
    MIN
    A Chinese Cyber Espionage Group Targeted Juniper Routers
    A Chinese Cyber Espionage Group Targeted Juniper Routers
    A Chinese Cyber Espionage Group Targeted Juniper Routers
    Image Operation Endgame leads to the arrest of Smokeloader botnet clients
    Cybercrime
    04.13.25 Cybercrime
    Next article
    Operation Endgame leads to the arrest of Smokeloader botnet clients
    Read
    01
    MIN
    Image Ransomware: Hunters International to abandon data encryption
    Cybercrime
    04.04.25 Cybercrime
    Next article
    Ransomware: Hunters International to abandon data encryption
    Read
    01
    MIN
    Image A spying campaign targeting Russian entities exploited a zero-day flaw in Chrome
    Cybercrime
    03.29.25 Cybercrime
    Next article
    A spying campaign targeting Russian entities exploited a zero-day flaw in Chrome
    Read
    01
    MIN
    Image Over 300 suspected cybercriminals arrested in Africa-wide operation
    Cybercrime
    03.25.25 Cybercrime
    Next article
    Over 300 suspected cybercriminals arrested in Africa-wide operation
    Read
    01
    MIN
    UNC3886 had already gained notoriety for exploiting vulnerabilities in Fortinet edge devices

    On March 12, 2025, Mandiant teams revealed their mid-2024 discovery of backdoors in Juniper Networks routers, installed by the Chinese cyber espionage group UNC3886. This state-backed entity had previously gained notoriety for exploiting vulnerabilities in Fortinet edge devices.

    In this case, the cybercriminals took advantage of a security flaw affecting Juniper Networks’ Junos OS routers. “The backdoors had varying custom capabilities, including active and passive backdoor functions, as well as an embedded script that disables logging mechanisms on the targeted device,” the Mandiant report states.

    Cybersecurity researchers also detail the “tactics, techniques, and procedures” employed by UNC3886. The Chinese group primarily targets network perimeter devices, which often lack security solutions. With a remarkable ability to move laterally within IT systems undetected, UNC3886 appears to prioritize “maintaining long-term access to its victims’ networks.”

    The Editorial Team
    03.17.25
    Articles by the same author:
    1
    04.17.25 Cybercrime
    Canada: Authorities Arrest 87 Cyber Fraudsters Using LabHost
    Read
    01
    MIN
    2
    04.16.25 Industry and OT
    Canada: Free cybersecurity tools for small water, electricity, and gas providers
    Read
    01
    MIN
    3
    04.16.25 Cyber stability
    Taiwan accuses Chinese ship captain of cutting undersea cable
    Read
    01
    MIN
    4
    04.13.25 Cyber stability
    United States: The Trump administration may lay off a third of CISA employees
    Read
    01
    MIN
    Image Operation Endgame leads to the arrest of Smokeloader botnet clients
    Cybercrime
    04.13.25 Cybercrime
    Next article
    Operation Endgame leads to the arrest of Smokeloader botnet clients
    Read
    01
    MIN
    Image Ransomware: Hunters International to abandon data encryption
    Cybercrime
    04.04.25 Cybercrime
    Next article
    Ransomware: Hunters International to abandon data encryption
    Read
    01
    MIN
    Image A spying campaign targeting Russian entities exploited a zero-day flaw in Chrome
    Cybercrime
    03.29.25 Cybercrime
    Next article
    A spying campaign targeting Russian entities exploited a zero-day flaw in Chrome
    Read
    01
    MIN
    Image Over 300 suspected cybercriminals arrested in Africa-wide operation
    Cybercrime
    03.25.25 Cybercrime
    Next article
    Over 300 suspected cybercriminals arrested in Africa-wide operation
    Read
    01
    MIN
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.