known as the Animal Health Emergency Reporting Diagnostic System, or USAHERDS, serves as a helpful digital tool for state governments to track and trace animal disease through populations of livestock. Now it's turned out to be a kind of infection vector of its own—in the hands of one of China's most prolific groups of hackers.
APT41 has gained a reputation as one of China's most aggressive hacking groups. The US Department of Justice accused them of hacking into hundreds of victims' systems across Asia and the West, both for state-sponsored espionage and for profit. The group's goal in this latest series of intrusions, or what data they may have been seeking, remains a mystery.
USAHERDS is hardly the only web app APT41 appears to have hacked as a way into its victims' systems. Based on a series of incident response cases over the last year, Mandiant believes that the Chinese group has been targeting US state governments since at least May of last year by exploiting web applications that use a development framework called ASP.NET.
Mandiant nonetheless chose to reveal the exploitation of USAHERDS in the two earlier breaches due to the broad use of the app across state governments, the severity of the bug, and the likelihood that it was also used to quietly penetrate other state networks. "There are 18 states that use USAHERDS. If you're APT41, why not exploit all of them?" says Mandiant's Brown. "We don't know how broad this is. We just really want to get the information out there."
Well well, you got to wonder where is the proof it was Chinese?
Surprise surprise