Security News > 2020 > November > China-linked hacking gang ‘APT10’ named as probable actor behind extended attacks on Japanese companies
Broadcom's security subsidiary Symantec has named a China-linked hacking gang known as "APT 10" and "Cicada" as the probable source of a year-long attack on Japanese interests around the world.
Symantec's analysis of the campaign detailed how APT 10 used custom malware named Backdoor.
Cicada may even have used those tools within China, an unusual act as criminal hacking gangs are generally happiest operating outside their own territory.
Symantec suggests Cicada did so because its mission was to hit Japanese companies' operations around the world and suck out data about those operations - especially from automotive companies.
Some of the efforts involved obfuscation techniques and shellcode on loader DLLs that Symantec has seen Cicada use in past attacks, leading the firm to name the gang with "Medium confidence".
News URL
https://go.theregister.com/feed/www.theregister.com/2020/11/19/apt_10_china_japan_attack/
Related news
- China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access (source)
- Feds name and charge alleged Silk Typhoon spies behind years of China-on-US attacks (source)
- Infosec experts fear China could retaliate against tariffs with a Typhoon attack (source)
- China names alleged US snoops over Asian Winter Games attacks (source)
- Active! Mail RCE flaw exploited in attacks on Japanese orgs (source)