[ad_1]
Beijing [China]Aug. 31 (ANI): The Chinese state-sponsored hacking group dubbed “Advanced Persistent Threat (APT)” is a decade-old group targeting government agencies and companies around the world.
Grusha Bose, a researcher at the Indo-Pacific Centre for Strategic Communications (IPCSC), said APT41 and APT27 are the oldest and most dangerous groups currently active and have demonstrated advanced capabilities in compromising national security.
Also read | Chinese cyber attack: 800 million people exposed in second massive data breach in 2 months.
China’s APTs hacking group uses unusual malware tools to exploit vulnerabilities in government agencies for their espionage purposes.
They constantly change their attack tactics to avoid detection. China’s espionage activities are in line with China’s five-year development plan.
Also read | Slavery in China: UN report exposes forced labor arrangements in Xinjiang, Tibet.
Typically, these groups are listed numerically based on their activities, targeted industries and government support, so according to Mandiant, the APTs attributable to China are – APT 1 (PLA Unit 61398), APT 2 (PLA Unit 61486), APT 4 ( Maverick Panda, Sykipot Group, Wisp), APT 16, APT 26, APT27, APT40, APT41 (Double Dragon, Winnti Group, Barium, or Axiom), APT30, APT31, etc. and the list goes on.
Each of these APTs plays an important role in leveraging strategic national securities of targeted government agencies and companies during a particular year of their activity.
For example, APT 26 targets industries such as aerospace, defense, and energy, while APT 16 targets Japanese and Taiwanese organizations in the high-tech, government services, media, and financial services industries.
Bose said APT41 is also notorious for its double espionage and cybercriminal activities, dubbed “Double Dragon” — which conducts personally financially motivated activities while carrying out Chinese state-sponsored espionage against government agencies.
They also have the names BARIUM, Winnti, LEAD, WICKED SPIDER, WICKED PANDA, Blackfly, Suckfly and Winnti Umbrella.
According to FireEye, APT41 blatantly engaged in financially motivated activities against the video game industry, including the manipulation of virtual currencies.
By accessing the game production environment, APT41 generated millions of dollars in virtual currency from popular games in less than 3 hours, according to IPCSC.
Additionally, the money was then distributed across multiple accounts and likely sold and laundered in hard-to-trace underground markets.
To add a cherry on top of their “personal financial gain” – they also targeted payment services that specialize in “in-game” transactions and real money transfer (RMT) purchases, and they resorted to ransomware to save their attempts, Because they can’t transfer the game currency.
According to a FireEye Intelligence report, the hacking group has been active since 2012, initially targeting the video game industry and then expanding to exploit national security holes in government agencies.
According to the report, APT41 targeted organizations in 14 countries, including Hong Kong, over seven years – France, India, Italy, Myanmar, Singapore, South Africa, Switzerland, Japan, Netherlands, South Korea, Thailand, Turkey, the United States and the United Kingdom.
APT41 is one such account, targeting medical device companies and pharmaceutical companies. This is shocking because with these devices, they want to know the public’s health history or the company’s research and development of a particular product – which would allow them to control the pharmaceutical market by producing the drugs they need or waging a biological weapons war – – How COVID-19 started is still speculative.
Likewise, APT27 is another Chinese hacking group that targets multiple organizations using the same tactics and tools as its counterpart APT41.
APT27 engages in intellectual property theft, typically focusing on data and projects reported by Mandiant. The organization targets global institutions, including North and South America, Europe and the Middle East. APT27 focuses on business services, high technology, government agencies and energy; Bose said, but mostly aerospace, transportation and tourism.
Recently, APTs attributed to China have become active due to tensions in Taiwan. According to the IPCSC, Taiwan has reportedly been under constant cyberattacks from APT27 – the latest targeting the National Taiwan University (NTU) on August 7.
The Chinese characters displayed on the website of National Taiwan University imply – “There is only one China in the world”. The attacks have been ongoing since the visit of U.S. House of Representatives Speaker Nancy Pelosi, according to Taiwan News.
APT27 released a Youtube video on August 3 threatening to conduct “special cyber operations” against Taiwan. The hacking group is also responsible for the series of cyberattacks, and has warned that more attacks are to come.
The hacking group claims that more than 200,000 Taiwan-connected devices are at their mercy. If Taiwan continues to stir up trouble, they will leak Taiwanese government data, jeopardize their national security, and declare some “zero-day Taiwanese equipment.” (ANI)
(This is an unedited and auto-generated story from the Syndicated News feed, the body of the content may not have been modified or edited by LatestLY staff)
[ad_2]
Source link