This group has long carried out frequent and persistent cyberattacks against school broadcast systems across China, attempting to crack passwords, hijack broadcasts, and spread harmful content. The targeted school in this case had its broadcast system directly linked to a publicly accessible webpage, with the login password set as a simple string of consecutive numbers—an obvious vulnerability for the attackers. State security authorities immediately guided the school’s management in implementing corrective measures, cutting off the foreign intrusion at its source.