FireEye denies ‘hack back’ claims detailed in new book

The company that authored a watershed report on how Chinese hackers operate is pushing back against claims in a new book that the research was conducted through the use of illegal offensive hacking techniques. In “The Perfect Weapon: War, Sabotage, and Fear in the Cyber Age,” New York Times national security correspondent David Sanger writes that the U.S.-based cybersecurity firm Mandiant penetrated a Chinese military cyber unit after it hacked into one of its customers’ systems in order to nail down attribution. According to Sanger, while Mandiant observed Chinese hackers breaching a client several years ago, they used it as an opportunity to target the attackers’ systems, which allowed access to a video camera that exposed the hackers’ faces: [Then CEO Kevin Mandia] was certain the hackers were part of Unit 61398, but he also knew that accusing the Chinese military directly would constitute a huge step for his company. Over seven years, he […]

The post FireEye denies ‘hack back’ claims detailed in new book appeared first on Cyberscoop.


Leaked Hacking Team tools were used by group stealing East Asian IP

A sophisticated and “well-funded” hacking group with a penchant for stealing intellectual property and other trade secrets is wreaking havoc in East Asia by exploiting a series of old, publicly acknowledged software vulnerabilities, according to research conducted by Trend Micro. The findings are significant because they expose an active regional threat that continues to invest in new hacking capabilities — including unique backdoor implants and exfiltration tools — while apparently running multiple, active economic espionage operations. Dubbed “BlackTech” by security researchers, the clandestine unit is believed to be associated with three separate campaigns dating back to at least 2010. During that time frame, BlackTech relied on a similar server infrastructure to launch attacks but used various tools and techniques against organizations, allowing them to move laterally across victim networks and ultimately attempt to exfiltrate sensitive files. “We are confident attributing these three campaigns to BlackTech given the backend infrastructure used and target overlap,” […]

The post Leaked Hacking Team tools were used by group stealing East Asian IP appeared first on Cyberscoop.
