December 13, 2024 07:52 (IST)
Follow us:
facebook-white sharing button
twitter-white sharing button
instagram-white sharing button
youtube-white sharing button
UP teenager kills mother, lives with body for 5 days | At least six people including a child killed in Tamil Nadu hospital fire | Amid Atul Subhash row, SC says mere harassment is not enough to prove abetment to suicide | India's D Gukesh becomes youngest ever world champion in chess | Devendra Fadnavis meets PM Modi amid suspense over Maharashtra portfolio allocation | Congress wants to deviate the issue of Sonia Gandhi-George Soros link: JP Nadda | Bengaluru techie suicide: Atul Subhash's family demanded Rs. 10 lakh as dowry leading to my father's death, claims estranged wife | Syria rebels torch tomb of ousted president Bashar al-Assad's father | Donald Trump vows to eliminate birthright citizenship after taking charge | No alliance with Congress in Delhi polls: AAP chief Arvind Kejriwal

Chinese hacking group is targeting governments across Asia, says security firm Check Point

| @indiablooms | May 08, 2020, at 05:44 pm

Beijing/IBNS: When the world is busy combating COVID-19, a Chinese hacking group has been conducting “ongoing” espionage operations on foreign governments across Asia, a security firm said.

China is believed to be the nation from where the coronavirus originated.

Security firm Check Point said: "By comparing with previously reported activity, we can conclude that the Naikon APT group has been persistently targeting the same region in the last decade. In operations following the original 2015 report, we have observed the use of a backdoor named Aria-body against several national governments, including Australia, Indonesia, the Philippines, Vietnam, Thailand, Myanmar and Brunei."

"The targeted government entities include ministries of foreign affairs, science and technology ministries, as well as government-owned companies," it said.

Interestingly, the group has been observed expanding its footholds on the various governments within APAC by launching attacks from one government entity that has already been breached, to try and infect another.

In one case, a foreign embassy unknowingly sent malware-infected documents to the government of its host country, showing how the hackers are exploiting trusted, known contacts and using those them to infiltrate new organizations and extend their espionage network, the security firm said.

"Given the characteristics of the victims and capabilities presented by the group, it is evident that the group’s purpose is to gather intelligence and spy on the countries whose Governments it has targeted," it said.

It further said: "In this campaign, we uncovered the latest iteration of what seems to be a long-running Chinese-based operation against various government entities in APAC. This specific campaign leveraged both common toolsets like RoyalRoad RTF weaponizer, as well as a specially crafted backdoor named Aria-body."

While the Naikon APT group has kept under the radar for the past 5 years, it appears that they have not been idle, said Check Point.

"In fact, quite the opposite. By utilizing new server infrastructure, ever-changing loader variants, in-memory fileless loading, as well as a new backdoor – the Naikon APT group was able to prevent analysts from tracing their activity back to them," the firm concluded.

Support Our Journalism

We cannot do without you.. your contribution supports unbiased journalism

IBNS is not driven by any ism- not wokeism, not racism, not skewed secularism, not hyper right-wing or left liberal ideals, nor by any hardline religious beliefs or hyper nationalism. We want to serve you good old objective news, as they are. We do not judge or preach. We let people decide for themselves. We only try to present factual and well-sourced news.

Support objective journalism for a small contribution.
Related Images
Xi Jinping, Putin in Russia Mar 22, 2023, at 08:26 pm