Multiple Chinese Hacker Outfits are Targeting Organisations Worldwide

 

Western intelligence services and cybersecurity organisations have lately identified many Chinese hacker outfits. These groups are said to be behind global campaigns of digital espionage that are directed at corporations, media outlets, and institutions of international business and the military. 

Chinese officials have consistently denied any involvement in state-sponsored hacking, despite cybersecurity firms' belief that many of these teams are supported by the Chinese government. Security experts claim that China is also a common target for cyberattacks and have called the United States an "empire of hacking."

Here are multiple widely recognised hacking groups with Chinese origins.

STORM-0558 

Since May, there have been allegations that Chinese hackers had gained access to the email accounts of roughly 25 different companies, including Microsoft and U.S. government agencies.

Based on multiple reports, the stolen accounts belong to Gina Raimondo, the secretary of commerce for the United States, Nicholas Burns, the ambassador to China, and Daniel Kritenbrink, the assistant secretary of state for East Asia. 

Microsoft claimed that a Chinese actor going by the handle Storm-0558 misused one of its cryptographic keys and then employed a bug in the code to steal emails. The Chinese embassy in Washington denied the claims and issued a warning against making false accusations regarding the origin of cyber attacks. 

Volt Typhoon

Earlier this year, on May 24, Microsoft and Western intelligence agencies accused Volt Typhoon, a state-sponsored organisation, of engaging in major cyber-espionage against several vital infrastructure organisations in the United States, including telecommunications and transportation centres.

One of the biggest Chinese cyber espionage campaigns to target crucial American infrastructure was said to have taken place in 2023, according to reports. These accusations were refuted by China's foreign ministry.

APT 41 

APT 41, also known as Winnti, Double Dragon, and Amoeba, has been involved in government-backed cyber incursions and financially driven data breaches, noted US-based cybersecurity firms FireEye and Mandiant.

According to the US Secret Service, the group was involved in stealing tens of millions of dollars in COVID-19 relief benefits from 2020 to 2022. Taiwan-based cybersecurity firm TeamT5 reported APT 41's targeting of government, telecommunications, and media groups in multiple nations, including Japan, Taiwan, South Korea, the United States, and Hong Kong. 

The U.S. Department of Justice linked APT 41 to charges brought against seven hackers who were convicted of hacking into more than a hundred companies worldwide in September 2020. However, these reports have been dismissed by Chinese authorities as "groundless accusations."

APT 27 

Western intelligence agencies and cybersecurity experts accuse the Chinese hacking group APT 27, which they claim is state-sponsored, of carrying out several attacks on Western and Taiwanese government institutions.

When Nancy Pelosi, the speaker of the U.S. House of Representatives, visited Taiwan in 2022, APT 27 claimed responsibility for the hacks, saying it was a response to her rejection of China's warnings.

Between May 2021 and February 2022, according to Mandiant, the group infiltrated the computer networks of at least six state governments in the United States, while APT 27 was held accountable by German authorities for assaults on German pharmaceutical, technology, and other businesses.