Chinese hackers attack government ministries and military factories around the world

Hackers based in China have attacked military industrial factories, research institutes, government agencies and ministries in several countries and have even been able to hijack the IT infrastructure of some, taking control of the systems used to manage security solutions, a new report has revealed.

Researchers at the cybersecurity company Kaspersky detected a wave of targeted attacks against companies of the military-industrial complex and public institutions in several countries of Eastern Europe and in Afghanistan.

“During our research, we were able to identify more than a dozen organizations under attack,” the researchers said.

The analysis suggests that “it is highly likely that a Chinese-speaking group was behind the attacks.”

The researchers named TA428, a Chinese-speaking APT group, as being behind the series of attacks, which used six backdoors.

The attackers penetrated the corporate network using carefully crafted phishing emails.

“During our investigation, we discovered that in some cases attackers create phishing emails using information that is not publicly available, such as the full names of employees responsible for handling sensitive information, as well as internal codenames of projects developed by attacked organizations,” the team noted.

The phishing emails carry Microsoft Word documents with embedded malicious code that exploits the CVE-2017-11882 vulnerability, which allows an attacker to execute arbitrary code without additional user activity.

In the new series of attacks, the attackers used six different backdoors at the same time, presumably to set up redundant communication channels with infected systems in case one of them was detected and removed by a security solution.

“The backdoors used provide extensive functionality to control infected systems and collect confidential data,” Kaspersky said.

The attacks targeted industrial facilities, design offices and research institutes, government agencies, ministries and departments in several Eastern European countries (Belarus, Russia and Ukraine), as well as Afghanistan, the company added.


Ashley C. Reynolds