China is being accused of employing hackers to exploit flaws in email security services to target hundreds of individuals and organizations worldwide, according to a new report.
The research, unveiled Thursday by Google-owned Mandiant Cyber Security, found that the Beijing-linked UNC4841 is behind the exploitation of the bug, which has affected a multitude of victims in at least 16 countries.
Mandiant traced the vulnerability to the Barracuda Email Security Gateway, deducing that hackers had been exploiting it since as early as October 2022.
"Through the investigation, Mandiant identified a suspected China-nexus actor, currently tracked as UNC4841, targeting a subset of Barracuda ESG appliances to utilize as a vector for espionage, spanning a multitude of regions and sectors," the group wrote.
"Mandiant assesses with high confidence that UNC4841 is an espionage actor behind this wide-ranging campaign in support of the People's Republic of China," the statement added.
The hackers primarily focused on stealing data and using compromised devices to send more malicious emails to other targets, with almost a third of the targeted groups estimated to be government agencies.
In addition, UNC4841 was able to quickly develop new malware after Barracuda's first patch last month, making the attempted remedy almost immediately useless.
Axios noted Friday that Barracuda has since urged customers to replace all affected devices instead of patching them, an indication of the severity of the compromise.
The outlet further explained that 55% of all affected organizations are based in North and South America. The Association of Southeast Asian Nations and groups in Taiwan and Hong Kong were also hit.
© 2025 Newsmax. All rights reserved.