Hong Kong targeted in new sweeping mobile malware campaign

A new spate of iOS and Android mobile malware attacks capable of taking control of devices and tracking GPS location, phone call history, contacts, and text messages has been unleashed on targets in Hong Kong in the last several months, according to multiple cybersecurity companies. The attackers, whom Kaspersky suspects are Chinese-speaking, lure their victims by posting links to local news sites in general discussion sections of forums that are popular among Hong Kong residents. But when victims click through to see the news, attackers deploy a hidden iFrame that runs an iOS malware variant, a modular backdoor. Trend Micro researchers have also found this malware, dubbing it “LightSpy.” Some of the lures include content on protests in Hong Kong. They also touch on information about the novel coronavirus and sex. The Android portion of the campaign is being distributed through Instagram posts and Telegram channels, with lures encouraging victims to download […]

The post Hong Kong targeted in new sweeping mobile malware campaign appeared first on CyberScoop.

Symantec finds a ‘new’ Chinese hacking group has actually been around for a decade

A Chinese cyber-espionage group that Symantec first exposed last June may actually be part of another group that has already been discovered, according to the company’s researchers. The group, which Symantec last labeled as “Thrip,” has attacked targets in 12 organizations in Hong Kong, Macau, Indonesia, Malaysia, the Philippines and Vietnam since it was first identified. Additionally, researchers say it has returned with a new custom-built tool. “When they came back in October [or] November, we see [Thrip] using a brand new tool which is built from scratch [that] we’ve never seen before,” Vikram Thakur, a technical director at Symantec, told CyberScoop. “[The hackers] pause, retool, regroup and then they continue their mission.” However, Symantec’s analysis of a backdoor the group has been using, known as Sagerunex, reveals Thrip is likely another threat group — known as Billbug or Lotus Blossom — that has been operating against targets in South Asia […]

The post Symantec finds a ‘new’ Chinese hacking group has actually been around for a decade appeared first on CyberScoop.

China Cyberespionage Group Hacks Satellite, Telecom and Defense Firms

Over the past year, a known cyberespionage group from China has been targeting satellite communications companies, telecom operators and defense firms from the United States and Southeast Asia. The group, tracked as Thrip by researchers from Symantec,…

Chinese hacking group resurfaces, targets U.S. satellite companies and systems

A Chinese-linked hacking group began targeting at least two different U.S.-based satellite companies, a Defense Department contractor and another private firm that sells geospatial imaging technology in late 2017, according to new research by Symantec. The focused hacking campaign appears to have been originally launched around the same time as talks about a U.S.-China trade war — which is now in full swing — were heating up late last year. Symantec discovered and notified the U.S. government about the malicious cyber activity roughly four months ago, according to Jon DiMaggio, a senior threat intelligence analyst with Symantec, who led the investigation. Tuesday’s findings show that the attackers, dubbed “Thrip” by analysts, have reemerged after they seemingly went underground for more than two years. The group stopped operations after a historic political agreement in 2015 between then-U.S. President Barack Obama and Chinese President Xi Jinping. That agreement sought to deter cyber-enabled […]

The post Chinese hacking group resurfaces, targets U.S. satellite companies and systems appeared first on CyberScoop.
