{"id":45640,"date":"2022-03-09T15:48:29","date_gmt":"2022-03-09T15:48:29","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/33192\/Chinese-APT-Zero-Days-Compromised-US-State-Governments.html"},"modified":"2022-03-09T15:48:29","modified_gmt":"2022-03-09T15:48:29","slug":"chinese-apt-zero-days-compromised-us-state-governments","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/chinese-apt-zero-days-compromised-us-state-governments\/","title":{"rendered":"Chinese APT Zero Days Compromised US State Governments"},"content":{"rendered":"<div>\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/cdn.scmagazine.com\/wp-content\/uploads\/2021\/11\/GettyImages-1353512957-e1637331855721-1024x614.jpg\" alt class=\"wp-image-203069\"><figcaption>U.S. President Joe Biden participates in a virtual meeting with Chinese President Xi Jinping at the White House on Nov. 15, 2021, in Washington. A hacking group tied to the Chinese government has exploited zero-day vulnerabilities in internet-facing web applications \u2014 including Log4j \u2014 to compromise the networks of at least six U.S. state governments over the past year, according to threat intelligence firm Mandiant. (Photo by Alex Wong\/Getty Images)<\/figcaption><\/figure>\n<\/div>\n<p>A hacking group tied to the Chinese government has exploited zero-day vulnerabilities in internet-facing web applications \u2014 including Log4j \u2014 to compromise the networks of at least six U.S. state governments over the past year, according to <a href=\"https:\/\/www.scmagazine.com\/news\/cloud-security\/google-to-buy-mandiant-in-5-4-billion-deal\" target=\"_blank\" rel=\"noreferrer noopener\">threat intelligence firm Mandiant<\/a>.<\/p>\n<p>The earliest signs of the campaign were detected in May 2021, and it has continued through at least February 2022. 
Attackers leveraged a number of zero-day vulnerabilities, such as Log4j and a previously undiscovered flaw in USAHerds, a commercial-off-the-shelf application used for tracing animal diseases.<\/p>\n<p>The hacking group, APT41, is believed to be associated with the Chinese Ministry of State Security and is known for targeting industries and intellectual property for technologies that are aligned with China\u2019s 13<sup>th<\/sup> five-year economic plan, including the telecommunications, health care, and high tech sectors. They have also been observed targeting higher education, media firms and the video game industries, and they are relatively unique as one of the few state-connected APTs that appear to hack both for espionage and financially motivated reasons.<\/p>\n<p>Rufus Brown, a senior threat analyst at Mandiant, said <a rel=\"noreferrer noopener\" href=\"https:\/\/www.scmagazine.com\/analysis\/application-security\/log4j-vulnerability-cleanup-expected-to-take-months-or-years\" target=\"_blank\">the use of Log4j is notable <\/a>because it demonstrates <a rel=\"noreferrer noopener\" href=\"https:\/\/www.scmagazine.com\/news\/cloud-security\/log4j-reaching-pandemic-level-exploit-numbers\" target=\"_blank\">how quickly some state-sponsored groups were able to move to exploit the vulnerability<\/a>. Just hours after Log4j was disclosed in December 2021, APT41 began incorporating it into their ongoing campaign to compromise at least two state governments. While there is evidence that APT41 also used Log4j against private insurance and telecommunications firms, the targeting of U.S. 
state governments in this campaign was specific and deliberate.<\/p>\n<p>\u201cThey are going after any external web application server that they can exploit&#8230; anything they can get to gain a foothold in state government environments,\u201d said Brown.<\/p>\n<p>In the weeks following Log4j&#8217;s disclosure, agencies like the Cybersecurity and Infrastructure Security Agency (CISA) and private threat intelligence firms initially reported <a href=\"https:\/\/www.scmagazine.com\/analysis\/application-security\/cisa-sees-low-levels-of-log4j-exploitation-against-agencies-and-critical-infrastructure\" target=\"_blank\" rel=\"noreferrer noopener\">low levels of exploitation by criminal actors<\/a> for things like cryptocurrency mining, but Brown said there is increasing evidence that state-backed hacking groups were able to <a href=\"https:\/\/www.scmagazine.com\/analysis\/vulnerability-management\/apache-head-no-programming-tool-would-have-caught-log4j-bug\" target=\"_blank\" rel=\"noreferrer noopener\">quickly exploit the bug<\/a>, as well.<\/p>\n<p>Meanwhile, the use of another zero-day flaw in USAHerds (CVE-2021-44207) indicates that the victim set could go beyond the initial six states identified by Mandiant. The application uses the same static validation and decryption keys across all applications by default, and the vulnerability exploits this fact to compromise any server connected to the internet running the application. <a href=\"https:\/\/github.com\/mandiant\/Vulnerability-Disclosures\/blob\/master\/MNDT-2021-0012\/MNDT-2021-0012.md\" target=\"_blank\" rel=\"noreferrer noopener\">A GitHub page<\/a> compiled by Mandiant states that the bug, now patched, affects all builds of USAHerds prior to November 2021.<\/p>\n<p>While it\u2019s not known how APT41 obtained the original machine key values, possessing them would theoretically allow the group to exploit the same weakness in other states that use USAHerds. 
At least 18 states are known to use the software, and Brown said it is likely that other states have been compromised by the flaw and don\u2019t know it.<\/p>\n<p>They\u2019re also persistent: in two instances, Mandiant said it began investigating a compromise at one state agency only to find the group inside the network of another. As recently as Feb. 22, attackers were observed re-compromising the IT systems of two states they had previously broken into, often using different initial access vectors and tactics, techniques and procedures.<\/p>\n<p>\u201cThe most important takeaway I have is the creativity and operational capability that APT41 has,\u201d Brown said. \u201cThey were conducting operations against U.S. state governments and then switched to Log4j when [proofs of concept code] came out in an advisory. They took advantage of what they had.\u201d<\/p>\n<p>APT41 has a long history of targeting U.S. and Western technology secrets. Between 2019 and 2020, <a href=\"https:\/\/www.justice.gov\/opa\/pr\/seven-international-cyber-defendants-including-apt41-actors-charged-connection-computer\" target=\"_blank\" rel=\"noreferrer noopener\">the Department of Justice indicted five hackers from the group<\/a> for targeting more than 100 companies in the United States and other countries while seizing hundreds of accounts, servers, domain names and command and control pages used by the group to carry out operations. The victims included software development companies, computer hardware manufacturers, telecommunications providers, social media companies, video game companies, non-profit organizations, universities, think tanks and foreign governments.<\/p>\n<p>In some cases the attackers exfiltrated unspecified personally identifiable information (PII), something that would be consistent with the espionage-minded background and goals of previous operations by APT41. 
However, Brown said that for all six of the state governments where APT41\u2019s presence was detected, the intruders were kicked out before they could complete their full attack chain. As a result, Mandiant is shying away from making a formal assessment of the group\u2019s goals at this time.<\/p>\n<p>\u201cWe haven\u2019t observed any sign that this campaign is stopping. Whatever they\u2019re going after must be very important,\u201d Brown noted.<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/33192\/Chinese-APT-Zero-Days-Compromised-US-State-Governments.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":45641,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[9899],"class_list":["post-45640","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackergovernmentmalwareusachinacyberwarzero-day"],"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/45640","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=45640"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/45640\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/45641"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=45640"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=45640"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=45640"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}