Security News > 2020 > November > China-linked hacking gang ‘APT10’ named as probable actor behind extended attacks on Japanese companies
Broadcom's security subsidiary Symantec has named a China-linked hacking gang known as "APT 10" and "Cicada" as the probable source of a year-long attack on Japanese interests around the world.
Symantec's analysis of the campaign detailed how APT 10 used custom malware named Backdoor.
Cicada may even have used those tools within China, an unusual act as criminal hacking gangs are generally happiest operating outside their own territory.
Symantec suggests Cicada did so because its mission was to hit Japanese companies' operations around the world and suck out data about those operations - especially from automotive companies.
Some of the efforts involved obfuscation techniques and shellcode on loader DLLs that Symantec has seen Cicada use in past attacks, leading the firm to name the gang with "Medium confidence".
News URL
https://go.theregister.com/feed/www.theregister.com/2020/11/19/apt_10_china_japan_attack/
Related news
- Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations (source)
- China Possibly Hacking US “Lawful Access” Backdoor (source)
- China again claims Volt Typhoon cyber-attack crew was invented by the US to discredit it (source)
- China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns (source)
- China's Volt Typhoon reportedly breached Singtel in 'test-run' for US telecom attacks (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)