Court hands Microsoft control of websites linked to spying by Chinese hackers

Microsoft obtained a court order to seize websites from a Chinese government-linked espionage group that was using the sites to attack government agencies, think tanks and human rights organizations in 29 countries, the company said Monday. The legal move is aimed at a hacking outfit that Microsoft calls Nickel, which is also known as APT15, Ke3chang or Vixen Panda. It’s been around since at least 2010, and frequently spies on foreign affairs of interest to China. “Obtaining control of the malicious websites and redirecting traffic from those sites to Microsoft’s secure servers will help us protect existing and future victims while learning more about Nickel’s activities,” wrote Tom Burt, Microsoft’s corporate vice president for customer security and trust. “Our disruption will not prevent Nickel from continuing other hacking activities, but we do believe we have removed a key piece of the infrastructure the group has been relying on for this […]

The post Court hands Microsoft control of websites linked to spying by Chinese hackers appeared first on CyberScoop.


Active Chinese hacking campaign targeted diplomats from Slovakia, South America

Suspected Chinese hackers who have haunted military and government targets for a generation have updated their malicious software tools to target diplomatic missions. The Ke3chang cyber-espionage group has been active since at least 2010, researchers say, gathering intelligence about international government contractors, military organizations and breached computers used by foreign ministries before the 2012 G20 Summit, according to FireEye. Now, there’s new evidence the group updated its tactics in a series of attacks aimed at diplomats in Belgium, Brazil, Chile, Guatemala, and Slovakia. Security specialists at the Slovakian antivirus company ESET published research Thursday demonstrating how the Ke3chang group used a technical backdoor, Okrum, and an updated version of the Ketrican malware. The hacking tools allow Ke3chang hackers to intercept information about victims, including their username, IP address, operating system and build number, their language and country name, and other communication. ESET’s research contains findings dating back to 2015, when […]

The post Active Chinese hacking campaign targeted diplomats from Slovakia, South America appeared first on CyberScoop.
