‘China Chopper’ web shell makes a comeback in Lebanon, other Asian countries

Malicious code first discovered nine years ago that has historically been used by groups associated with Chinese state-backed hacks has made a comeback, according to new research from Cisco’s Security and Intelligence Research Group, Talos. The hacking tool is a web shell known as China Chopper. A web shell is a script that allows attackers to remotely access servers running web applications. This particular web shell has long been known to be an exploit that’s often impervious to being outed and detected. “China Chopper is a slick little web shell that does not get enough exposure and credit for its stealth,” FireEye researchers wrote in 2013 in their blog on the matter. China Chopper’s code has historically been small, according to security researcher Keith Tyler, who wrote on the tool in 2012. That much appears to be the same now — Talos researchers note the most recent campaign has been “extremely simple,” containing just one […]

The post ‘China Chopper’ web shell makes a comeback in Lebanon, other Asian countries appeared first on CyberScoop.

Chinese spies have been sucking up call records at multinational telecoms, researchers say

Chinese hackers have hit the soft underbelly of global telecommunications companies to siphon off hundreds of gigabytes of data, according to an investigation by security company Cybereason. The long-running hacking campaign, which has breached about 10 cellular providers in Africa, Europe, the Middle East and Asia, bears all the hallmarks of an intelligence operation, Cybereason researchers said. In one instance, the spies targeted roughly 20 customers of a cellular provider. “No one siphons out hundreds of gigabytes of data about a very specific amount of individuals unless it’s for intelligence [purposes],” said Amit Serper, principal security researcher at Cybereason, which published research on the campaign Tuesday. “The attackers knew exactly what they were after.” Cybereason declined to name the breached telecommunications providers, but said they had hundreds of millions of customers in total. Since at least 2017, the hackers have burrowed their way, computer by computer, deep into the victim organizations until they had […]

The post Chinese spies have been sucking up call records at multinational telecoms, researchers say appeared first on CyberScoop.

Chinese-linked APT10 has been active in the Philippines, researchers say

An elite Chinese government-linked hacking group known for allegedly stealing reams of data from U.S. organizations has been actively targeting entities in the Philippines, according to new research first shared with CyberScoop. During the month of April, the APT10 hacking group, which U.S. officials have tied to China’s civilian intelligence agency, has been using two new malicious software variants to deliver its payloads against targets in the Philippines, according to analysts from endpoint security firm enSilo. It is unclear what the goal of the targeting is, or who the victims are, enSilo researchers said. “Both the loader variants and their various payloads that we analyzed share similar tactics, techniques, and procedures, and code associated with APT10,” the firm wrote in research published Friday. The burst of activity could be a short-lived attack or a test run for a future campaign. But the researchers are trying to warn potential victims about changes in the […]

The post Chinese-linked APT10 has been active in the Philippines, researchers say appeared first on CyberScoop.

DHS briefs industry on shift in Chinese hacking that ‘increases the risk for all of us’

U.S. officials on Wednesday continued to warn industry about the threat posed by Chinese government-backed hackers by detailing how those teams have evolved and urging companies to better secure IT services that can be an avenue for stealing proprietary data. “Their strategies have shifted from labor-intensive, one-off compromises of individual targets to the use of the force-multiplier effects that enable them to compromise multiple targets through a single attack,” Rex Booth, a Department of Homeland Security cyber official, said during a webinar presentation to the private sector. “That shift in strategies increases the risk for all of us.” The public webinar focused on APT10, a group tied to China’s civilian intelligence agency, the Ministry of State Security. Analysts say the MSS has supplanted the People’s Liberation Army to become Beijing’s preferred arm for conducting economic espionage. U.S. officials and security researchers say APT10 has targeted the “managed service providers” that […]

The post DHS briefs industry on shift in Chinese hacking that ‘increases the risk for all of us’ appeared first on CyberScoop.

Fighting Chinese cyber-espionage could cost U.S. 5G dominance

As the U.S. government works to neutralize its Chinese counterparts’ efforts to conduct surveillance via commercial telecom products, it may unintentionally jeopardize the United States’ bid to beat China to a nationwide 5G network. This summer, U.S. officials, policymakers and allies have cracked down on Huawei and ZTE, two large Chinese smartphone and telecommunications equipment manufacturers. The pair are believed to have a cozy relationship with the Chinese Communist Party and People’s Liberation Army. Washington fears that relationship could lead Beijing to tap into equipment owned by those companies to siphon sensitive information and possibly lay the groundwork for cyberattacks. But many industry, trade and technological experts are worried the measures may come at a steep price. The quest to upend China’s surveillance capabilities may be hurting America’s competitiveness in the race to develop and roll out 5G wireless technology. The dilemma presents the latest — and perhaps fiercest — technological showdown between Washington […]

The post Fighting Chinese cyber-espionage could cost U.S. 5G dominance appeared first on CyberScoop.

Chinese, Russian hacking groups spy on South Korea amid U.S.-North Korea peace talks

Ahead of the Trump-Kim summit in Singapore next week, U.S. cybersecurity researchers say that Russian and Chinese hackers are scaling up cyber-espionage operations against South Korea. Cybersecurity giant FireEye found that operations targeting South Korean government ministries and financial institutions were carried out as recently as last month. The firm uncovered multiple incidents of hacking attempts linked to Russian and Chinese advanced persistent threat (APT) groups. The revelations underscore the complicated threat landscape facing Seoul. It is still unclear who exactly was targeted and whether the attackers succeeded in breaching important political organizations, FireEye researchers said. South Korea, a key U.S. ally, must play a delicate balancing act. It has vowed to pursue a diplomatic breakthrough and angled for a better relationship with its northern neighbor, but all bets are off in cyber space. As CyberScoop recently reported, despite Pyongyang and Seoul vowing to pacify the Korean Peninsula, the latter […]

The post Chinese, Russian hacking groups spy on South Korea amid U.S.-North Korea peace talks appeared first on CyberScoop.

China’s new law calls on private industry to hand over valuable cyber threat data

The new year marked the beginning of yet another Chinese cybersecurity law that could have a big impact on U.S.-based technology companies. Known as the “Public Internet Cybersecurity Threat Monitoring and Mitigation Measures,” the rules call on private companies conducting business in China to report and hand over cyberthreat information to the government’s Ministry of Industry and Information Technology (MIIT). China founded the MIIT in 2008 in order to regulate the country’s burgeoning information technology industry. The law instructs companies to turn over information regarding both cyberattacks they’ve faced and also any “cyber threat intelligence” they own. Cyber threat intelligence is typically collected by cybersecurity firms and software giants like Microsoft and used to strengthen security operations. The regulation states: “after cybersecurity threats are discovered by relevant professional organizations, basic telecommunication enterprises, cybersecurity enterprises, Internet companies, domain name registration management and service organs … information shall be submitted to MIIT, provincial, autonomous […]

The post China’s new law calls on private industry to hand over valuable cyber threat data appeared first on CyberScoop.
