Digital Dragon Watch: Weekly China Cyber Alert

Smishing Triad's Billion-Dollar Phishing Frenzy | Qilin's Ransomware Factory | State Hackers Pounce on Fresh Vulns

26 Oct 2025

Description

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast.

Listeners, it’s Ting with the latest on Digital Dragon Watch: Weekly China Cyber Alert, and trust me, the cyber skies over China and beyond have been stormy this week. Let’s jump right in, because if you blink, you’ll miss at least three zero-day exploits.

First stop: the Smishing Triad, a China-linked syndicate orchestrating the most relentless SMS-based phishing campaign we’ve seen in years. Since early 2024, this crew has deployed over 194,000 malicious domains—yes, one hundred ninety-four thousand!—to spoof everything from USPS to E-ZPass, IRS, and top banks. They’re hitting mobile users in over 120 countries, but the US gets a special, ahem, ‘focus.’ The playbook is familiar but fiendishly effective: fake alerts, threaten you with unpaid fees, and funnel you into credential-stealing sites spun up and taken down faster than you can hit “mark as spam.” This PhaaS—or Phishing as a Service—operation leans on US-based cloud infrastructure, Chinese nameservers, and a who's-who of domain registrars, churning through URLs so fast even threat trackers need a vacation. And let’s talk profit—the projected haul over the past three years? More than $1 billion, with no slowdown in sight.

Now, moving from phishing to full-on breach, the ransomware group Qilin is practically running a cyberattack factory. As of yesterday, Qilin publicly threatened the City of Sugar Land in Texas, demanding ransom or they’ll dump sensitive data. And they’re not just picking on US towns: According to analysis by Comparitech, Qilin logged its 700th claimed ransomware attack in 2025, mostly targeting manufacturers, finance, retailers, health care, education, and government agencies, but with plenty of US victims—375 at last count, by far the most globally. Nissan Creative Box in Japan, Asahi Holdings, and even municipal courts have fallen victim, and the education sector alone saw attacks spike by more than 400% this year. Qilin’s secret sauce? Ransomware-as-a-Service, where their malware is basically for rent and affiliates do the dirty work. Typical ransoms swing from two to ten million dollars, but the real pain is the business downtime and data exfiltration.

But let’s not forget the state-sponsored actors. Security Affairs reports that China-linked hackers, notably Salt Typhoon and unnamed threat groups, have exploited freshly patched vulnerabilities like CVE-2025-53770 in Microsoft SharePoint and Citrix NetScaler Gateway to breach telecom networks in the Middle East and Europe. The speed with which they exploit patched flaws—sometimes within hours of disclosure—shows just how sophisticated these crews have become. The US government, meanwhile, has ramped up joint cyber exercises and public-private partnerships. Agencies like CISA and DOE are pushing for broader info-sharing and resilience training, but there’s worry: recent funding cuts to federal cyber agencies have experts warning about a widening resilience gap, especially as China and Russia keep up the offensive.

So, what can you do? Experts hammer on the basics: implement multi-factor authentication everywhere, keep threat intel feeds up to date—especially those dark web alerts—validate your offline, immutable backups, and conduct regular phishing drills for every employee, from the C-suite to interns. For incident response, don’t DIY—call in professionals, legal counsel, and threat analysts before you even think about responding to extortionists.

Thanks for tuning in to Digital Dragon Watch. Subscribe so you’re never caught off guard, and remember: if you get a suspicious SMS about your package, double-check before you click. This has been a Quiet Please production; for more, check out quiet please dot ai.

This content was created in partnership and with the help of Artificial Intelligence (AI).
