November 23, 2024 07:15 (IST)
Follow us:
facebook-white sharing button
twitter-white sharing button
instagram-white sharing button
youtube-white sharing button
'Third World War has begun:' Ex-Ukraine military commander-in-chief Valery Zaluzhny | UK-India Free Trade Agreement negotiations to resume in early 2024 | UK can arrest Benjamin Netanyahu if he visits country based on ICC warrant | Centre to send over 10,000 additional soldiers to violence-hit Manipur amid fresh violence | Chhattisgarh: 10 Maoists killed during encounter with security forces in Sukma
Chinese hacking group is targeting governments across Asia, says security firm Check Point

Chinese hacking group is targeting governments across Asia, says security firm Check Point

| @indiablooms | 08 May 2020, 12:14 pm

Beijing/IBNS: When the world is busy combating COVID-19, a Chinese hacking group has been conducting “ongoing” espionage operations on foreign governments across Asia, a security firm said.

China is believed to be the nation from where the coronavirus originated.

Security firm Check Point said: "By comparing with previously reported activity, we can conclude that the Naikon APT group has been persistently targeting the same region in the last decade. In operations following the original 2015 report, we have observed the use of a backdoor named Aria-body against several national governments, including Australia, Indonesia, the Philippines, Vietnam, Thailand, Myanmar and Brunei."

"The targeted government entities include ministries of foreign affairs, science and technology ministries, as well as government-owned companies," it said.

Interestingly, the group has been observed expanding its footholds on the various governments within APAC by launching attacks from one government entity that has already been breached, to try and infect another.

In one case, a foreign embassy unknowingly sent malware-infected documents to the government of its host country, showing how the hackers are exploiting trusted, known contacts and using those them to infiltrate new organizations and extend their espionage network, the security firm said.

"Given the characteristics of the victims and capabilities presented by the group, it is evident that the group’s purpose is to gather intelligence and spy on the countries whose Governments it has targeted," it said.

It further said: "In this campaign, we uncovered the latest iteration of what seems to be a long-running Chinese-based operation against various government entities in APAC. This specific campaign leveraged both common toolsets like RoyalRoad RTF weaponizer, as well as a specially crafted backdoor named Aria-body."

While the Naikon APT group has kept under the radar for the past 5 years, it appears that they have not been idle, said Check Point.

"In fact, quite the opposite. By utilizing new server infrastructure, ever-changing loader variants, in-memory fileless loading, as well as a new backdoor – the Naikon APT group was able to prevent analysts from tracing their activity back to them," the firm concluded.

Support Our Journalism

We cannot do without you.. your contribution supports unbiased journalism

IBNS is not driven by any ism- not wokeism, not racism, not skewed secularism, not hyper right-wing or left liberal ideals, nor by any hardline religious beliefs or hyper nationalism. We want to serve you good old objective news, as they are. We do not judge or preach. We let people decide for themselves. We only try to present factual and well-sourced news.

Support objective journalism for a small contribution.
Related Images
Xi Jinping, Putin in Russia 22 Mar 2023, 02:56 pm
Related Videos