(Bloomberg) -- At least six U.S. state governments were hacked by a Chinese state-sponsored espionage campaign that partly took advantage of the widespread Log4j software vulnerability, researchers reported Tuesday.
The cybersecurity firm Mandiant Inc. said its investigation began last May, when it examined an unspecified state’s government computer network. Of the six state governments that were hacked, at least two of them were “re-compromised” as recently as last month, the firm said.
The company didn’t identify the victims by name. Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Security Agency, said last year that the vulnerability in Log4j, a popular software tool, represented a “severe” risk. Cybersecurity personnel have warned that, by leveraging the flaw, hackers could take control of an affected system.
Mandiant said APT 41, a Chinese state-sponsored group, was behind the attack. In 2020, a federal grand jury in Washington indicted alleged hackers tied to the group, which U.S. officials have linked to China’s Ministry of State Security, accusing them of targeting more than 100 victims around the world.
“The Chinese government’s position on cybersecurity is consistent and clear,” said Liu Pengyu, a spokesman for the Chinese embassy in Washington. “We firmly oppose and combat cyberattacks of any kind. We oppose making groundless accusations against China on cybersecurity and other related issues.”