#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Chinese Hackers | Breaking Cybersecurity News | The Hacker News

Anthem Data Breach — 6 Things You Need To Know

Anthem Data Breach — 6 Things You Need To Know

Feb 07, 2015
The Nation's second largest Health insurer company, Anthem , alerted its customers on Wednesday that hackers had stolen the personal information of over 80 Millions of its customers, making it the largest data breach and double the number of payment cards affected by Target data breach occurred in 2013. The stolen personal information includes residential addresses, birthdays, medical identification numbers, Social Security Numbers, email addresses and some income data belonging to both current and former customers and employees, including its own chief executive. 80 Million is a vast number — it's roughly the populations of California, Texas and Illinois when combined together. So far, there is no evidence whether financial or medical information of the company's customers was compromised, according to a statement given by Anthem's vice president, Kristin Binns. The health giant, based in Indianapolis, has hired cybersecurity firm FireEye's Mandiant division to wo
China Demands Tech Companies to give them Backdoor and Encryption Keys

China Demands Tech Companies to give them Backdoor and Encryption Keys

Feb 03, 2015
A number of western companies are doing big business in China, but now they may have to pay a huge value for to do so. China has introduced strict new banking cyber security regulations on western companies selling technology to Chinese banks. The Chinese government wants backdoors installed in all technologies that imports into the Middle Kingdom for the benefit of Chinese security services. The latest rules also state that western companies must hand over the Encryption Keys and secret source code as well. The requirements are so absurd that it would be impossible for companies like Apple to comply, which could harm American businesses. " The Chinese government has adopted new regulations requiring companies that sell computer equipment to Chinese banks to turn over secret source code, submit to invasive audits and build so-called back doors into hardware and software, according to a copy of the rules obtained by foreign technology companies that do billions of do
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Chinese Spies Stole Australia’s New F-35 Lightning-II fighter Jet Design, Snowden Reveals

Chinese Spies Stole Australia's New F-35 Lightning-II fighter Jet Design, Snowden Reveals

Jan 19, 2015
The latest document release by Edward Snowden revealed the industrial-scale cyber-espionage operation of China to learn the secrets of Australia's next front-line fighter aircraft – the US-built F-35 Joint Strike Fighter (JSF) . Chinese spies stole " many terabytes of data " about the design of Australia's Lockheed Martin F-35 Lightning II JSF, according to top secret documents disclosed by former US National Security Agency intelligence contractor Edward Snowden to German magazine Der Spiegel . Chinese spies allegedly stole as much as 50 terabytes of data, including the details of the fighter's radar systems, engine schematics, "aft deck heating contour maps," designs to cool exhaust gases and the method the jet uses to track targets. So far, the F-35 Lightning II JSF is the most expensive defence project in the US history. The fighter aircraft, manufactured by US-based Lockheed Martin, was developed at a cost of around $400 billion (£230 billion). Beijin
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
'DeathRing' Chinese Malware Found Pre-Installed On Several Smartphones

'DeathRing' Chinese Malware Found Pre-Installed On Several Smartphones

Dec 06, 2014
Malware authors are trying hard to create malicious software with more innovative ways to infect victims. A new mobile Trojan horse infection has been discovered by security researchers that comes pre-loaded onto low-cost Chinese-made Android smartphones popular in Asia and Africa. The trojan, dubbed DeathRing , is a Chinese Trojan that masquerades as a ringtone app and comes pre-installed onto some cheap Android smartphones most popular in Asian and African countries including Vietnam, Indonesia, India, Nigeria, Taiwan, and China. DeathRing malware app cannot be uninstalled or removed by the end user or by antimalware software because it comes pre-installed in the system directory of the handsets at an unknown point within the supply chain, making the threat even more severe. WHAT DOES DEATHRING DO? Though the malware pretends to be a genuine ringtone app, but actually downloads SMS and WAP content from its command-and-control server to the victim's handset, which
Suspected Wirelurker iOS Malware Creators Arrested in China

Suspected Wirelurker iOS Malware Creators Arrested in China

Nov 18, 2014
It's been almost two weeks since the WireLurker malware existence was revealed for the first time, and Chinese authorities have arrested three suspects who are allegedly the authors of the Mac- and iOS-based malware that may have infected as many as hundreds of thousands of Apple users. The Beijing Bureau of Public security has announced the arrest of three suspects charged with distributing the WireLurker malware through a popular Chinese third-party online app store. The authorities also say the website that was responsible for spreading the malware has also been shut down. "WireLurker" malware was originally discovered earlier this month by security firm Palo Alto Networks targeting Apple users in China. The malware appeared as the first malicious software program that has ability to penetrate the iPhone's strict software controls. The main concern to worry about this threat was its ability to attack non-jailbroken iOS devices. Once a device infected
Chinese Telecom Routes Russian Domestic Internet Traffic through China

Chinese Telecom Routes Russian Domestic Internet Traffic through China

Nov 11, 2014
Russian Internet traffic, including the domestic one, has continuously been re-routed outside the country due to routing errors by China Telecom , which could result in compromising the security of Russian communications. Internet monitoring service Dyn reported Thursday in a blog post that the apparent networking fault is due to the weakness in the Border gateway protocol (BGP) , which forms the underpinning of the Internet's global routing system. The problem started after the BGP peering agreement signed between the China Telecom and top Russian mobile provider Vimpelcom in order to save money on transit operators, so that some of the domestic traffic may carried over the other's network rather than through a more expensive transit operator. Under this deal, Russian domestic traffic was repeatedly being routed to routers operated by China Telecom. Routing Traffic allows law enforcement agencies and hackers with the ability to monitor. " Unlike other routin
Chinese Hackers Hacked Into U.S. Defense Contractors 20 Times In Just One Year

Chinese Hackers Hacked Into U.S. Defense Contractors 20 Times In Just One Year

Sep 18, 2014
Chinese hackers associated with the Chinese government have successfully infiltrated the computer systems of U.S. defense contractors working with the government agency responsible for the transportation of military troops and goods across the globe, a Senate investigators have found. The Senate Armed Services Committee has been investigating the issue for the past year and found that the U.S. Military's Transportation Command (TRANSCOM) has been infiltrated at least 20 times in a single year, out of which only two were detected. This is probably the most serious allegation yet against China. The successful intrusions attributed to an "advanced persistent threat," a term used to designate sophisticated threats commonly associated with governments. All of those intrusions were attributed to China, the report stated. The investigation was conducted in the 12 months period from June 2012 to June 2013 based on information provided by the Federal Bureau of Investigat
Chinese Government Accused of Intercepting Traffic Between Google and CERNET

Chinese Government Accused of Intercepting Traffic Between Google and CERNET

Sep 08, 2014
So far, we all are well aware of the fact that Chinese have had a past filled with cases of Cyber Crime. China is the world's largest exporter of IT goods, but it has been criticized by many countries due to suspected backdoors in its products, including United States which has banned its several major government departments, including NASA, Justice and Commerce Departments, from purchasing Chinese products and computer technology. The new exposure indicates the same. Chinese Government is running a man-in-the-middle (MitM) cyber attack campaign on SSL encrypted traffic between the country's education network and Google. In an effort to monitor its users of China Education and Research Network (CERNET) , Chinese authorities has started intercepting encrypted traffic to and from Google's servers, the non-profit organization GreatFire reported on Thursday. However, just like many other foreign websites, Google is blocked in China. Because Google is one of the vast and v
Cyber Espionage Group Ported Windows Malware to Mac

Cyber Espionage Group Ported Windows Malware to Mac

Sep 05, 2014
Till now we have seen a series of different malware targeting Windows operating system and not Mac, thanks to Apple in way it safeguard its devices' security. But with time, cyber criminals and malware authors have found ways to exploit Mac as well. GROUP BEHIND THE MAC VERSION OF BACKDOOR Researchers have unmasked a group of cyber criminals that has recently started using a new variant of XSLCmd backdoor program to target Mac OS X systems. This Mac version of backdoor shares a significant portion of its code with the Windows version of the same backdoor that has been around since at least 2009. According to FireEye researchers, the group, dubbed as GREF , is already infamous for its past cyber espionage attacks against the US Defense Industrial Base (DIB), companies from the electronics and engineering sectors worldwide, foundations and other NGO's as well. " We track this threat group as "GREF" due to their propensity to use a variety of Google references in th
70% of South Korean Population Victimized In Online Gaming Heist

70% of South Korean Population Victimized In Online Gaming Heist

Aug 27, 2014
More than half of South Korea's 50 million population aged between 15 and 65 have been affected in a massive data breach, compromising their personal information. The data breach came to light when 16 individual were arrested following the theft of about 220 million stolen records from a number of online game, ringtone storefronts and movie ticket sites that contains personally identifiable information related to 27 million victims. The stolen records included actual name, account name, password and resident registration number of the victims, According to the English version of a Seoul-based daily newspaper, the Korea Joongang Daily . Among 16 perpetrators, the South Jeolla Provincial Police Agency arrested a 24-year-old man named 'Kim' , for allegedly obtaining and selling all 220 million personal information including names, registration numbers, account names, and passwords , from a Chinese hacker he met through an online game in 2011. Police estimated the
Xiaomi Phones Secretly Sending Users' Sensitive Data to Chinese Servers

Xiaomi Phones Secretly Sending Users' Sensitive Data to Chinese Servers

Aug 10, 2014
Chinese telecoms equipment suppliers have previously been criticized by some countries due to suspected backdoors in its products, and if United States has banned its several major government departments, including NASA, Justice and Commerce Departments, from purchasing Chinese products and computer technology, then they are not wrong at all. In the latest claim against Chinese smartphone manufacturers is the allegation that the popular Chinese smartphone brand, Xiaomi has been suspected of "secretly" stealing users' information — including SMS messages and photos —from the device without the user's permissions and sending it back to a server in Beijing, despite of turning off the data backup functions, according to Apple Insider . Security Researchers from  F-Secure Antivirus firm  has shown that the Xiaomi phones (RedMi 1S handset) send quite a lot of personal and sensitive data to " api.account.xiaomi.com "  server located in China, including following information
Chinese Hackers Stole Blueprints of Israel's Iron Dome Missile Defense System

Chinese Hackers Stole Blueprints of Israel's Iron Dome Missile Defense System

Jul 29, 2014
Chinese hackers infiltrated the databases of three Israeli defense contractors and stole plans for Israel's Iron Dome missile defense system, according to an investigation by a Maryland-based cyber security firm ' Cyber Engineering Services Inc. (CyberESI) '. Not just this, the hackers were also able to nab plans regarding other missile interceptors, including Unmanned Aerial Vehicles, ballistic rockets and the Arrow III missile interceptor which was designed by Boeing and other U.S.-based companies. The intrusions were thought to be executed by Beijing's infamous " Comment Crew " hacking group – a group of cyber warriors linked to the Chinese People's Liberation Army (PLA) – into the corporate networks of top Israeli defense technology companies, including Elisra Group, Israel Aerospace Industries, and Rafael Advanced Defense Systems, between 10 October 2011 and 13 August 2012. The three Israeli defense technology companies were responsible for the developmen
Chinese Hackers Broke into the Database of U.S. Federal Employees

Chinese Hackers Broke into the Database of U.S. Federal Employees

Jul 10, 2014
Chinese hackers broke into the computer systems of United States government agency that keeps the personal information of all federal employees, according to the paper published in the New York Times. The attack occurred on the Office of Personnel Management and Senior American officials believe that the attackers successfully gained access to some of the agency's databases in March before the federal authorities detected the threat and blocked them from the network. The hackers targeted the files of tens of thousands of federal employees who have applied for top-secret security clearances, the newspaper reported. " The intrusion at the Office of Personnel Management was particularly disturbing because it oversees a system called e-QIP, in which federal employees applying for security clearances enter their most personal information, including financial data. Federal employees who have had security clearances for some time are often required to update their personal inf
Largest DDoS Attack Hit Hong Kong Democracy Voting Website

Largest DDoS Attack Hit Hong Kong Democracy Voting Website

Jun 23, 2014
Hackers and cyber attacks are getting evil and worst nightmare for companies day-by-day. Just last week a group of hackers ruined the code-hosting and software collaboration platform, ' Code Spaces ' by destroying their Amazon cloud server, complete data and its backup files too. Recently, the largest ever and most severe Distributed Denial of Service (DDoS) attacks in the history of the Internet has been recorded that hit the online democracy poll promoting opinion on the upcoming Hong Kong elections. PopVote , an online mock election operated by The University of Hong Kong's Public Opinion Program, by Saturday recorded more than half a million votes in less than 30 hours in the unofficial referendum that provided permanent residents of Hong Kong to choose their preferred political representatives, that is suppose to be continued until June 29. However, the Chief Executive is officially chosen by a 1,200-member Election Committee under the current political system and drawn largel
Fraudsters Physically Deploy Malicious Software to Hack ATMs

Fraudsters Physically Deploy Malicious Software to Hack ATMs

May 31, 2014
Criminals will not let any way to cheat an ATM machine out of its cash, as it's one of the easiest way for them to get the hands on cash. ATM skimmers have now discovered a new and high-tech approach to target cash machines directly by inserting a physical notorious device into it instead. According to the Chinese press , two Ukrainian men arrested in Macau for reportedly planting the malicious software program in the seven Macau bank ATMs. This could came out as the quickest method to hack the cash machines. HACKING ATM MACHINES The two accused were arrested this week by the authorities in Macau, a Chinese territory approximately west of Hong Kong, but the two are from Ukraine and had successfully stolen almost $100,000 by corrupting more than seven ATMs with a computer virus. According to the authorities, the men allegedly used a green object device ( as shown in the image ) to carry out the money fraud. They first connected the device to a laptop and then inserted
Fake WeChat App Targeting Android Users with Banking Trojan

Fake WeChat App Targeting Android Users with Banking Trojan

May 29, 2014
After Whatsapp, The Chinese WeChat is the second most popular messaging application and currently being targeted by cybercriminals to spread a new Banking Trojan in order to steal the financial information from its users. WeChat is a famous mobile instant messaging app developed by Chinese company Tencent, with more than 355 million users across the world. The app offers people to chit-chat with their friends and relatives, and also allows users to make payments for goods and services on WeChat. The Payment feature of the app requires users' bank account details to their messenger account and this is what tempting cybercriminals to develop new and more sophisticated banking Trojans and malwares. The security researchers at Kaspersky Lab have uncovered such banking Trojan, dubbed as Banker.AndroidOS.Basti.a, which looks exactly like the legitimate WeChat application for Android devices. While installation, it also requires the same permissions such as to access the Int
US Charges Five Chinese Military Officials with Economic Espionage

US Charges Five Chinese Military Officials with Economic Espionage

May 19, 2014
The United States has filed criminal charges against Chinese military officials for hacking and cyber espionage against several American companies. This case is first of its own kind in which the prosecutors have formally accused members of a foreign government with economic espionage charges. Attorney General Eric Holder and FBI are expected to reveal the new indictment later this afternoon, in which five officials of China's People's Liberation Army will be named, who are believed to be the current members of Beijing's military establishment. Accused chinese officials allegedly worked for the People's Liberation Army and have spied on U.S companies and stolen trade secrets. The alleged hackers are said to work for the PLA's Unit 61398 in Shanghai. Among the trade secrets, they are also accused for stealing information about a nuclear power plant design and a solar panel company's cost and pricing data, " They used military and intelligence faci
Cybersecurity Resources