This Asia-Pacific Cyber Espionage Campaign Went Undetected for 5 Years

2020-05-07 02:59

An advanced group of Chinese hackers has recently been spotted to be behind a sustained cyber espionage campaign targeting government entities in Australia, Indonesia, Philippines, Vietnam, Thailand, Myanmar, and Brunei-which went undetected for at least five years and is still an ongoing threat.

The group, named 'Naikon APT,' once known as one of the most active APTs in Asia until 2015, carried out a string of cyberattacks in the Asia-Pacific region in search of geopolitical intelligence.

According to the latest investigation report Check Point researchers shared with The Hacker News, the Naikon APT group had not gone silent for the last 5 years, as initially suspected; instead, it was using a new backdoor, called "Aria-body," to operate stealthily.

A Geo-Political Intelligence Campaign First documented in 2015, the Naikon APT group uses crafted email lures as an initial attack vector against top-level government agencies and civil and military organizations, which, when opened, installed spyware that exfiltrated sensitive documents to remote command-and-control servers.

Ties to Naikon APT Check Point said it attributed the campaign to the Naikon APT based on code similarities in Aria-body and the espionage tool detailed by Kaspersky in 2015, as well as in the use of C2 domains that resolve to the same IP address as the domains mentioned by the latter.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/3mdfxlhuBic/asia-pacific-cyber-espionage.html

#asia #cyberespionage #espionage

News URL

Related news