Tag Archive for: china

Indian Hack-for-Hire Group Targeted U.S., China, and More for Over 10 Years

/in


Indian Hack-for-Hire Group

An Indian hack-for-hire group targeted the U.S., China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage, surveillance, and disruptive operation for over a decade.

The Appin Software Security (aka Appin Security Group), according to an in-depth analysis from SentinelOne, began as an educational startup offering offensive security training programs, while carrying out covert hacking operations since at least 2009.

In May 2013, ESET disclosed a set of cyber attacks targeting Pakistan with information-stealing malware. While the activity was attributed to a cluster tracked as Hangover (aka Patchwork or Zinc Emerson), evidence shows that the infrastructure is owned and controlled by Appin.

“The group has conducted hacking operations against high value individuals, governmental organizations, and other businesses involved in specific legal disputes,” SentinelOne security Tom Hegel said in a comprehensive analysis published last week.

“Appin’s hacking operations and overall organization appear at many times informal, clumsy, and technically crude; however, their operations proved highly successful for their customers, impacting world affairs with significant success.”

Cybersecurity

The findings are based on non-public data obtained by Reuters, which called out Appin for orchestrating data theft attacks on an industrial scale against political leaders, international executives, sports figures, and others. The company, in response, has dismissed its connection with the hack-for-hire business.

One of the core services offered by Appin was a tool named “MyCommando” (aka GoldenEye or Commando) that allowed its customers to log in to view and download campaign-specific data and status updates, communicate securely, and choose from various task options that range from open-source research to social engineering to a trojan campaign.

The targeting of China and Pakistan is confirmation that an Indian-origin mercenary group has been roped in to conduct state-sponsored attacks. Appin has also been identified as behind the macOS spyware known as KitM in 2013.

What’s more, SentinelOne said it also identified instances of domestic targeting with the goal of stealing login…

Source…

Industrial and Commercial Bank of China suffers ransomware attack; trades in US Treasury market disrupted: Report

/in


Industrial and Commercial Bank of China (ICBC), the country’s largest commercial lender by assets, reportedly suffered a ransomware attack on Thursday that disrupted the trades in the US Treasury market. However, the impact of the ransomware attack seemed to be limited, Reuters reported.

In a statement, ICBC Financial Services said a ransomware attack resulted in disruption to certain systems and it was conducting an investigation and “progressing its recovery efforts.”

The bank said it had successfully cleared Treasury trades executed on Wednesday and repurchase agreements (repo) financing trades done on Thursday.

The Treasury trades executed on Wednesday and repurchase agreements (repo) financing trades done on Thursday had been successfully cleared, the bank said.

(Exciting news! Mint is now on WhatsApp Channels :rocket: Subscribe today by clicking the link and stay updated with the latest financial insights! Click here!)

Bloomberg reported citing people familiar with the situation that a prolific criminal gang known as Lockbit is suspected to have orchestrated the hack.

According to some market participants, trades going through ICBC were not settled due to the attack and this affected market liquidity, Reuters reported.

In ransomware attacks, hackers encrypt an organization’s systems and demand ransom payments in exchange for unlocking them. 

The Financial Times earlier had reported that the US Securities Industry and Financial…

Source…

China Accused of Massive IP Theft, AI Hacking by Five Eyes Intelligence Alliance

/in


China stands accused of stealing intellectual property and using artificial intelligence to hack and spy on other nations at an unprecedented scale.

As Reuters reports, the accusations come from the Five Eyes intelligence alliance—which comprises the United States, Britain, Canada, Australia, and New Zealand—following meetings with private US companies in Silicon Valley. The theft is occurring across a wide range of sectors, covering everything from quantum technology and robotics to biotechnology and AI.

FBI Director Christopher Wray referred to China as an “unprecedented threat,” and said, “China has long targeted businesses with a web of techniques all at once: cyber intrusions, human intelligence operations, seemingly innocuous corporate investments and transactions … Every strand of that web had become more brazen, and more dangerous.”

Mike Burgess, the Australian Security Intelligence Organisation’s director-general, added: “The Chinese government is engaged in the most sustained scaled and sophisticated theft of intellectual property and expertise in human history.”

Chinese government spokesman Liu Pengyu responded to the accusations, stating, “We firmly oppose to the groundless allegations and smears towards China and hope the relevant parties can view China’s development objectively and fairly.”

Earlier this year, when Microsoft caught China spying on critical western infrastructure, the Chinese government responded by claiming it was just a “collective disinformation campaign” by the US and its allies.

This is the first time all members of Five Eyes have publicly called out China’s actions collectively. In response, the alliance is hoping both private industry and academia will help to counter the threats, which Wray describes as “a bigger hacking program than that of every other major nation combined.”

Source…

Did U.S. hack China? NSA dodges question

/in



American cyber officials are avoiding complaints from the Chinese government that the National Security Agency hacked into China’s sensitive networks and stole intellectual property.

Source…