Search results for Chinese hackers | Breaking Cybersecurity News | The Hacker News

Chinese hackers having aim to Spying on U.S. Govt It's the second time Google has blamed a major computer hacking scheme on China . On 1st of June we have Reported that :  Chinese Hacker Cracks Hundreds of Gmail Accounts of U.S. & Asia .  This time Google says unknown hackers from Jinan, China, a city with a military command center, stole the personal Gmail passwords of hundreds of senior U.S .government officials. Google said the hackers' "goal" was to eavesdrop on the officials  "to monitor the content of the users' emails." The hackers did not steal any government-owned emails, but U.S. officials who work at home frequently use Gmail to do government business. White House teams often use Gmail to communicate where and when the President might travel. The risk is growing that too much secure information is being sent on non-secure systems. FBI is now investigating and this new revelation of hacking is adding heat to the growing frict

The Mysterious Malaysian Airlines flight MH370 , a Boeing 777-200 aircraft that has gone missing by the time it flew from Kuala Lumpur to Beijing. The Malaysian Prime Minister had also confirmed that the Malaysia Airlines plane had crashed in a remote part of the southern Indian Ocean. Cyber Criminals are known to take advantage of major news stories or events where there is a high level of public interest and now Scammers are also targeting tragedy of MH370 to trap innocent Internet users. Just a few days before we warned you about a Facebook malware campaign claimed that the missing Malaysian Airlines ' MH370 has been spotted in the Bermuda Triangle ' with its passengers still alive and invites users to click a link to view breaking news video footage. This week, Security researchers at FireEye have revealed about various ongoing spear phishing and malware attacks by some advanced persistent threat (APT) attackers. According to the researchers, the Chines

The introduction of Open AI's ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing, help marketers produce unique content at low cost, and enable teams and creatives to brainstorm new ideas.  Recent significant GenAI product launches include Microsoft 365 Copilot, GitHub Copilot, and Salesforce Einstein GPT. Notably, these GenAI tools from leading SaaS providers are paid enhancements, a clear sign that no SaaS provider will want to miss out on cashing in on the GenAI transformation. Google will soon launch its SGE "Search Generative Experience" platform for premium AI-generated summaries rather than a list of websites.  At this pace, it's just a matter of a short time befo

An emerging threat actor out of China has been traced to a new hacking campaign aimed at government agencies in India and residents of Hong Kong intending to steal sensitive information, cybersecurity firm Malwarebytes revealed in the latest report shared with The Hacker News. The attacks were observed during the first week of July, coinciding the passage of controversial security law in Hong Kong and India's ban of 59 China-made apps over privacy concerns, weeks after a violent skirmish along the Indo-China border. Attributing the attack with "moderate confidence" to a new Chinese APT group, Malwarebytes said they were able to track their activities based on the "unique phishing attempts" designed to compromise targets in India and Hong Kong. The operators of the APT group have leveraged at least three different Tactics, Techniques, and Procedures (TTPs), using spear-phishing emails to drop variants of Cobalt Strike and MgBot malware, and bogus Andr

" Cyber China ", from Operation Aurora to China Cyber Attacks Syndrome Security Expert, from  Security Affairs  -  Pierluigi Paganini takes us on a visit to China via The Hacker News January Edition Magazine Article and makes us wonder just how influential China's hacking is on world internet security. Read and decide for yourself : When we think of China in relation to cyber warfare, we imagine an army of hackers hired by the government in a computer room ready to successfully attack any potential target. China is perceived as a cyber power and ready to march against any insurmountable obstacle using any means. In this connection we read everything and its opposite, and we are ready to blame all sorts of cyber threat to the Country of the Rising Sun. The truth, however, is quite different, at least in my opinion, and understands that the Chinese people before others have understood the importance of a strategic hegemony in cyber space. However, many doubts are beginning to gather

Cybersecurity researchers have uncovered an espionage campaign that has targeted a national data center of an unnamed central Asian country in order to conduct watering hole attacks. The campaign is believed to be active covertly since fall 2017 but was spotted in March by security researchers from Kaspersky Labs, who have attributed these attacks to a Chinese-speaking threat actor group called LuckyMouse . LuckyMouse, also known as Iron Tiger, EmissaryPanda, APT 27 and Threat Group-3390, is the same group of Chinese hackers who was found targeting Asian countries with Bitcoin mining malware early this year. The group has been active since at least 2010 and was behind many previous attack campaigns resulting in the theft of massive amounts of data from the directors and managers of US-based defense contractors. This time the group chose a national data center as its target from an unnamed country in Central Asia in an attempt to gain "access to a wide range of government

Cybersecurity researchers from FireEye unmasked additional tactics, techniques, and procedures (TTPs) adopted by Chinese threat actors who were recently found abusing Pulse Secure VPN devices to drop malicious web shells and exfiltrate sensitive information from enterprise networks. FireEye's Mandiant threat intelligence team, which is tracking the cyber espionage activity under two activity clusters UNC2630 and UNC2717,  said  the intrusions line up with key Chinese government priorities, adding "many compromised organizations operate in verticals and industries aligned with Beijing's strategic objectives outlined in China's recent  14th Five Year Plan ." On April 20, the cybersecurity firm  disclosed  12 different malware families, including STEADYPULSE and LOCKPICK, that have been designed with the express intent to infect Pulse Secure VPN appliances and put to use by at least two cyber espionage groups believed to be affiliated with the Chinese government.

Secret and highly sensitive and $630 million building blueprints outlining the layout of Australia's top spy agency's new headquarters have been stolen by Chinese hackers. According to a report by the ABC 's Four Corners, the blueprints included floor plans, communications cabling, server locations and the security systems. The cyber attack, launched on a contractor involved in work at the site, is one of the reasons completion of the new building has been delayed. Companies including BlueScope Steel and Adelaide-based Codan, which makes radios for military and intelligence agencies, are also said have been targeted by the Chinese. Under this major hacking operations, hackers successfully breached the Defence Department's classified email system, the Department of Prime Minister and Cabinet, and the Department of Foreign Affairs and Trade. A separate attack on the Defence Department involved an employee sending a highly classified document from his des

A new sensational discovered has been announced by Kaspersky Lab's Global Research & Analysis Team result of an investigation after several attacks hit computer networks of various international diplomatic service agencies. A new large scale cyber-espionage operation has been discovered, named Red October , name inspired by famous novel The Hunt For The Red October (ROCRA) and chosen because the investigation started last October. The campaign hit hundreds of machines belonging to following categories: Government Diplomatic / embassies Research institutions Trade and commerce Nuclear / energy research Oil and gas companies Aerospace Military The attackers have targeted various devices such as enterprise network equipment and mobile devices (Windows Mobile, iPhone, Nokia), hijacking files from removable disk drives, stealing e-mail databases from local Outlook storage or remote POP/IMAP server and siphoning files from local network FTP servers. Accordin

The NSA and GCHQ have tracked and monitored the activities of independent and nation-state hackers, along with some of the foremost security researchers in order to gather information on targets and pilfer the stolen data from hackers' archives, top secret Snowden documents reveal. State-sponsored, individual Blackhat hackers and hacking groups target some or other organizations on an ongoing basis. So, by monitoring the work of 'freelance' and rival state hackers, the NSA and its allies get the stolen information, such as email accounts or chats owned by target of their interest, without doing much of hard work. HACKERS STOLE FROM TARGETS & AGENCIES STOLE FROM HACKERS According to the latest revealed documents provided by whistleblower Edward Snowden , the hacks and sophisticated breaches on the targets were carried out by the state-sponsored and freelance hackers, but the stolen data, referred to as 'take', was then pilfered by the agencies for

According to an exclusive report published today by DNA news, the computers of highly sensitive Defence Research and Development Organisation (DRDO) have reportedly been hacked by Chinese hackers as biggest security breach in the Indian Defence ever. Infiltrate leading to the leak of thousands of top secret files related to Cabinet Committee on Security, which have been detected to have been uploaded on a server in Guangdong province of China. Indian Defence Minister A K Antony said, " Intelligence agencies are investigating the matter at this stage and I do not want to say anything else. " " The leak was detected in the first week of March as officials from India's technical intelligence wing, National Technical Research Organisation (NTRO), working with private Indian cyber security experts cracked open a file called "army cyber policy". The file had been attached to hacked email accounts of senior DRDO officials that quickly spread through the system in a matter of

A State-sponsored Cyber Espionage Group -- most likely linked to the Chinese government becomes the first group to target the so-called " Air-Gapped Networks " that aren't directly connected to the Internet. What are Air-Gapped systems? Air-gapped systems are known to be the most safest and secure systems on the earth. These systems are isolated from the Internet or any other Internet-connected computers or external networks. Air-gapped systems are generally used in the critical situations that demand high security like in payment networks to process debit and credit card transactions, military networks, and in industrial control systems that operate critical infrastructure of the Nation. Why Air-Gapped? It is very difficult to siphon data from Air-Gapped systems because it requires a physical access to the target system or machine in order to do that and gaining physical access is possible only by using removable devices such as a firewire cab

Apple iCloud users in China are not safe from the hackers — believed to be working for Chinese government — who are trying to wiretap Apple customers in the country. Great Fire , a reputed non-profit organization that monitors Internet censorship in China, claimed that the Chinese authorities have launched a nationwide Man in the Middle (MITM) campaign against users of Apple's iCloud service, designed to steal users' login credentials and access private data. MAN-IN-THE-MIDDLE ATTACK The attacks on the iCloud service was first reported on Saturday and come as Apple begins the official rollout of its latest launched iPhone 6 and 6 Plus on the Chinese mainland. If we talk about less publicized but more danger, Man-in-the-Middle (MitM) attack is the most common one. By attempting MitM attack, a potential attacker could intercept users' internet communication, steal sensitive information and even hijack sessions. ACCESS TO CREDENTIALS AND ALL PERSONAL DATA Usin

For the very first time in history, China has arrested hackers within its borders at the request of the United States government. The helping hands of China made me remind of recent Hollywood movie, The Martian , in which China's CNSA helped the United States' NASA to rescue astronaut Mark Watney who was mistakenly presumed dead and left behind on the planet Mars. Although China did not rescue anyone, rather it did arrest, but the point is – China helped the United States. Just two weeks before Chinese President Xi Jinping visited the U.S., the Chinese government took unprecedented step by complying with a United States request and arresting a handful of hackers within its borders, anonymous U.S. officials told the Washington Post. The arrested hackers were suspected of stealing commercial secrets from U.S. firms and then selling or passing on those secrets to Chinese state-run companies. The hackers were part of a wanted list drawn up by the U.S.

The United States Justice Department has charged three Chinese nationals for allegedly hacking Moody's Analytics economist, German electronics manufacturer Siemens, and GPS maker Trimble, and stealing gigabytes of sensitive data and trade secrets. According to an indictment unsealed Monday in federal court in Pittsburgh, Pennsylvania, the three men worked for a Chinese cybersecurity company, Guangzhou Bo Yu Information Technology Company Limited ( Boyusec ), previously linked to China's Ministry of State Security. Earlier this year, security researchers also linked Boyusec to one of the active Chinese government-sponsored espionage groups, called Advanced Persistent Threat 3 (or APT3 ), which is also known as Gothic Panda, UPS Team, Buckeye, and TG-0110. In 2013, APT3 allegedly stole the blueprints for ASIO's new Canberra building using a piece of malware that was uploaded to an ASIO employee's laptop. According to the indictment, the three Chinese nationals

Chinese Government taking strong step against Cyber Crime The Chinese government is working with domestic Internet search engines like Baidu Inc and Sohu.com and financial institutions to prevent phishing attacks on unsuspecting Chinese web users. The Chinese government has announced that it will work together with 10 Chinese search engines. The user IDs, passwords and email addresses of more than 6 million accounts registered on CSDN, a site for programmers were leaked as we reported last week . The popular social-networking site Tianya was also hit by hackers last week. The Ministry of Industry and Information Technology said on Wednesday it would investigate the hacking incidents. In the U.S. data theft and hacking have become very common over the last few years. Recently, hacker group Anonymous hacked into the servers of security firm Stratfor and stole credit card and other personal details on thousands of users of the site and its services. The U.S. isn't alone in fighti

A previously undocumented China-aligned threat actor has been linked to a set of adversary-in-the-middle (AitM) attacks that hijack update requests from legitimate software to deliver a sophisticated implant named NSPX30. Slovak cybersecurity firm ESET is tracking the advanced persistent threat (APT) group under the name  Blackwood . It's said to be active since at least 2018. The NSPX30 implant has been observed deployed via the update mechanisms of known software such as Tencent QQ, WPS Office, and Sogou Pinyin, with the attacks targeting Chinese and Japanese manufacturing, trading, and engineering companies as well as individuals located in China, Japan, and the U.K. "NSPX30 is a multistage implant that includes several components such as a dropper, an installer, loaders, an orchestrator, and a backdoor," security researcher Facundo Muñoz  said . "Both of the latter two have their own sets of plugins." "The implant was designed around the attackers

The US Cybersecurity and Infrastructure Security Agency (CISA) issued a new advisory on Monday about a wave of cyberattacks carried by Chinese nation-state actors targeting US government agencies and private entities. "CISA has observed Chinese [Ministry of State Security]-affiliated cyber threat actors operating from the People's Republic of China using commercially available information sources and open-source exploitation tools to target US Government agency networks," the cybersecurity agency said. Over the past 12 months, the victims were identified through sources such as Shodan , the Common Vulnerabilities and Exposure ( CVE ) database, and the National Vulnerabilities Database (NVD), exploiting the public release of a vulnerability to pick vulnerable targets and further their motives. By compromising legitimate websites and leveraging spear-phishing emails with malicious links pointing to attacker-owned sites in order to gain initial access, the Chinese