
Chinese cyber spies are stealing money from video game firms on the side

Members of a prolific state-sponsored Chinese cyber espionage operation are using their hacking skills to carry out financially motivated cyber attacks against targets around the world.

Dubbed APT41 by researchers at FireEye, the group spies on organisations worldwide across 15 sectors, including healthcare, high-tech, telecommunications and higher education.

The attacks coincide with ‘Made in China 2025’, Beijing’s strategy to push China towards producing higher value products and services – and it isn’t unknown for hackers working out of the country to attempt to steal data to help reach this goal.

However, analysis by researchers found members of APT41 are also employing their hacking skills on the side, using them to conduct attacks purely for financial gain, predominantly against the video game industry.

Jacqueline O’Leary, senior threat intelligence analyst at FireEye, says the hackers are moonlighting from their spying duties, “working on espionage at certain times of the day, then [running] financially motivated [attacks] at other hours”.

FireEye has identified two individuals who are highly likely to be Chinese espionage contractors working for APT41 and has traced their activity back to 2012, when the main focus of the pair was attacking video game companies and players for profit.

“It probably started out as a personal interest with things they’re familiar with. A lot of the techniques and procedures they used in the video game targeting would become crucial in their espionage activity later on,” O’Leary told ZDNet.

Since 2014 the attackers have also conducted cyber espionage to steal strategic intelligence for China.  

APT41 is believed to have 46 different types of malware at its disposal – some exclusive to the group, while others are used by Chinese hacking groups in general, with some tools adopted by other operations working on behalf of Beijing.

Backdoors, credential stealers, keyloggers, and rootkits feature in APT41’s arsenal and, like many hacking campaigns, the attacks typically begin with spearphishing emails.

Organisations in France, India, Italy, Japan, Myanmar, the Netherlands, Singapore, South Korea, South Africa, Switzerland, Thailand, Turkey, the United Kingdom, the United States, and Hong Kong have been targeted by what’s described as a prolific espionage operation.

“They’ve shown persistence and agility in getting onto systems, even after they’ve been remediated. They’ve also been able to breach a large number of systems at one time,” said O’Leary.

“Over the years they’ve been one of the most consistent groups we’ve seen – they’re very broad in their targeting across industries and geographies and they’re very active.”

FireEye has detailed APT41’s campaigns – both in cyber espionage and in cyber crime – in its full report on the group.
