The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: Search results for Chinese hackers

US Charges Five Chinese Military Officials with Economic Espionage

US Charges Five Chinese Military Officials with Economic Espionage

May 19, 2014Mohit Kumar
The United States has filed criminal charges against Chinese military officials for hacking and cyber espionage against several American companies. This case is first of its own kind in which the prosecutors have formally accused members of a foreign government with economic espionage charges. Attorney General Eric Holder and FBI are expected to reveal the new indictment later this afternoon, in which five officials of China's People's Liberation Army will be named, who are believed to be the current members of Beijing's military establishment. Accused chinese officials allegedly worked for the People's Liberation Army and have spied on U.S companies and stolen trade secrets. The alleged hackers are said to work for the PLA's Unit 61398 in Shanghai. Among the trade secrets, they are also accused for stealing information about a nuclear power plant design and a solar panel company's cost and pricing data, " They used military and intelligence faci
Chinese Hackers Compromise Telecom Servers to Spy on SMS Messages

Chinese Hackers Compromise Telecom Servers to Spy on SMS Messages

October 31, 2019Swati Khandelwal
A group of Chinese hackers carrying out political espionage for Beijing has been found targeting telecommunications companies with a new piece of malware designed to spy on text messages sent or received by highly targeted individuals. Dubbed " MessageTap ," the backdoor malware is a 64-bit ELF data miner that has recently been discovered installed on a Linux-based Short Message Service Center (SMSC) server of an unnamed telecommunications company. According to a recent report published by FireEye's Mandiant firm, MessageTap has been created and used by APT41 , a prolific Chinese hacking group that carries out state-sponsored espionage operations and has also been found involved in financially motivated attacks. In mobile telephone networks, SMSC servers act as a middle-man service responsible for handling the SMS operations by routing messages between senders and recipients. Since SMSes are not designed to be encrypted, neither on transmitting nor on the telec
Chinese Hackers Stole Blueprints of Israel's Iron Dome Missile Defense System

Chinese Hackers Stole Blueprints of Israel's Iron Dome Missile Defense System

July 29, 2014Mohit Kumar
Chinese hackers infiltrated the databases of three Israeli defense contractors and stole plans for Israel's Iron Dome missile defense system, according to an investigation by a Maryland-based cyber security firm ' Cyber Engineering Services Inc. (CyberESI) '. Not just this, the hackers were also able to nab plans regarding other missile interceptors, including Unmanned Aerial Vehicles, ballistic rockets and the Arrow III missile interceptor which was designed by Boeing and other U.S.-based companies. The intrusions were thought to be executed by Beijing's infamous " Comment Crew " hacking group – a group of cyber warriors linked to the Chinese People's Liberation Army (PLA) – into the corporate networks of top Israeli defense technology companies, including Elisra Group, Israel Aerospace Industries, and Rafael Advanced Defense Systems, between 10 October 2011 and 13 August 2012. The three Israeli defense technology companies were responsible for the developmen
Chinese hackers defaces Philippines News Agency website

Chinese hackers defaces Philippines News Agency website

April 15, 2013Wang Wei
Chinese hackers defaced the website of the government owned Philippines News Agency (PNA) on Sunday.  Defaced page of the website was with the Chinese flag and the text: " China Hacker EvilShadow Team, We are evil shadow. We are the team. We have our own dignity China Hacker Lxxker. " The hackers shared news of the attack on Facebook. The site was back to normal after an hour. This last hacking incident comes days after the arrest of 12 Chinese fishermen suspected of poaching after their boat ran aground in a protected marine park. This was not the first time that the site was hacked. Last year , cyber attacks on several government websites were blamed on Chinese hackers during a standoff in Scarborough Shoal, a group of rocky outcrops in the South China Sea that is close to main Philippine island of Luzon.
Chinese Hackers spied on European Diplomats during recent G20 meetings

Chinese Hackers spied on European Diplomats during recent G20 meetings

December 13, 2013Mohit Kumar
Security firm FireEye has released a new report  detailing cyber espionage attacks on European Ministries of Foreign Affairs (MFA) during recent G20 meetings by Chinese Hackers . According to FireEye's researcher Nart Villeneuve , hackers infiltrated the computer networks of five European foreign ministries by sending emails containing malware files to staff and gained access to their systems to steal credentials and high-value information. "We believe that the Ke3chang attackers are operating out of China and have been active since at least 2010," The cyber espionage campaign named as " Operation Ke3chang " and if the victim will download & open the malware file which disguised itself as files detailing a possible intervention in Syria ( US_military_options_in_Syria . pdf . zip ), it gets installed on the victim's computer with a backdoor. " They have also leveraged a Java zero-day vulnerability (CVE-2012-4681), as well as older, reliable exploits for Mi
Linguistic Analysis Suggests WannaCry Hackers Could be From Southern China

Linguistic Analysis Suggests WannaCry Hackers Could be From Southern China

May 29, 2017Wang Wei
It's been almost four weeks since the outcry of WannaCry ransomware , but the hackers behind the self-spread ransomware threat have not been identified yet. However, two weeks ago researchers at Google, Kaspersky Lab, Intezer and Symantec linked WannaCry to 'Lazarus Group,' a state-sponsored hacking group believed to work for the North Korean government. Now, new research from dark web intelligence firm Flashpoint indicates the perpetrators may be Chinese, based on its own linguistic analysis. Flashpoint researchers Jon Condra and John Costello analyzed each of WannaCry's localized ransom notes, which is available in 28 languages, for content, accuracy, and style, and discovered that all the notes, except English and Chinese versions (Simplified and Traditional), had been translated via Google Translate. According to the research, Chinese and English versions of the ransomware notes were most likely written by a human. On further analysis, researchers discovered that
A Look Into Continuous Efforts By Chinese Hackers to Target Foreign Governments

A Look Into Continuous Efforts By Chinese Hackers to Target Foreign Governments

October 02, 2019Swati Khandelwal
Phishing is still one of the widely used strategies by cybercriminals and espionage groups to gain an initial foothold on the targeted systems. Though hacking someone with phishing attacks was easy a decade ago, the evolution of threat detection technologies and cyber awareness among people has slowed down the success of phishing and social engineering attacks over the years. Since phishing is more sort of a one-time opportunity for hackers before their victims suspect it and likely won't fall for the same trick again, sophisticated hacking groups have started putting a lot of effort, time and research to design well-crafted phishing campaigns. In one such latest campaign discovered by cybersecurity researchers at Check Point, a Chinese hacking group, known as Rancor , has been found conducting very targeted and extensive attacks against Southeast Asian government entities from December 2018 to June 2019. What's interesting about this ongoing 7-month long campaign is
Hackers Using Fake Cellphone Towers to Spread Android Banking Trojan

Hackers Using Fake Cellphone Towers to Spread Android Banking Trojan

March 22, 2017Swati Khandelwal
Chinese Hackers have taken Smishing attack to the next level, using rogue cell phone towers to distribute Android banking malware via spoofed SMS messages. SMiShing — phishing attacks sent via SMS — is a type of attack wherein fraudsters use number spoofing attack to send convincing bogus messages to trick mobile users into downloading a malware app onto their smartphones or lures victims into giving up sensitive information. Security researchers at Check Point Software Technologies have uncovered that Chinese hackers are using fake base transceiver stations (BTS towers) to distribute " Swearing Trojan ," an Android banking malware that once appeared neutralized after its authors were arrested in a police raid. This is the first ever reported real-world case in which criminals played smart in such a way that they used BTS — a piece of equipment usually installed on cellular telephone towers — to spread malware. The phishing SMS, which masquerades itself as the on
China Finally Admits It Has Army of Hackers

China Finally Admits It Has Army of Hackers

March 20, 2015Mohit Kumar
China finally admits it has special cyber warfare units — and a lot of them. From years China has been suspected by U.S. and many other countries for carrying out several high-profile cyber attacks, but every time the country strongly denied the claims. However, for the first time the country has admitted that it does have cyber warfare divisions – several of them, in fact. In the latest updated edition of a PLA publication called The Science of Military Strategy , China finally broke its silence and openly talked about its digital spying and network attack capabilities and clearly stated that it has specialized units devoted to wage war on computer networks. An expert on Chinese military strategy at the Center for Intelligence Research and Analysis, Joe McReynolds told TDB that this is the first time when China has explicit acknowledged that it has secretive cyber-warfare units, on both the military as well as civilian-government sides. CHINESE CYBER WARFARE UNI
“Cyber China”, from Operation Aurora to China Cyber Attacks Syndrome

"Cyber China", from Operation Aurora to China Cyber Attacks Syndrome

February 08, 2012Mohit Kumar
" Cyber China ", from Operation Aurora to China Cyber Attacks Syndrome Security Expert, from  Security Affairs  -  Pierluigi Paganini takes us on a visit to China via The Hacker News January Edition Magazine Article and makes us wonder just how influential China's hacking is on world internet security. Read and decide for yourself : When we think of China in relation to cyber warfare, we imagine an army of hackers hired by the government in a computer room ready to successfully attack any potential target. China is perceived as a cyber power and ready to march against any insurmountable obstacle using any means. In this connection we read everything and its opposite, and we are ready to blame all sorts of cyber threat to the Country of the Rising Sun. The truth, however, is quite different, at least in my opinion, and understands that the Chinese people before others have understood the importance of a strategic hegemony in cyber space. However, many doubts are beginning to gather
Chinese Hackers Hacked Into U.S. Defense Contractors 20 Times In Just One Year

Chinese Hackers Hacked Into U.S. Defense Contractors 20 Times In Just One Year

September 18, 2014Swati Khandelwal
Chinese hackers associated with the Chinese government have successfully infiltrated the computer systems of U.S. defense contractors working with the government agency responsible for the transportation of military troops and goods across the globe, a Senate investigators have found. The Senate Armed Services Committee has been investigating the issue for the past year and found that the U.S. Military's Transportation Command (TRANSCOM) has been infiltrated at least 20 times in a single year, out of which only two were detected. This is probably the most serious allegation yet against China. The successful intrusions attributed to an "advanced persistent threat," a term used to designate sophisticated threats commonly associated with governments. All of those intrusions were attributed to China, the report stated. The investigation was conducted in the 12 months period from June 2012 to June 2013 based on information provided by the Federal Bureau of Investigat
APT Groups Return - Chinese Hackers Resume Cyber Espionage Operations

APT Groups Return - Chinese Hackers Resume Cyber Espionage Operations

April 11, 2014Swati Khandelwal
Year back, one of the largest " Advanced Persistent Threat " ( APT ) hacking groups received widespread attention from the media and from the U.S. government. APT Groups are China's cyber espionage units and they won't stop their espionage operation, despite being exposed last year. Yes, APT hacking groups, APT1 and APT12 , are again making headlines. Without bothering that the world knows about its cyber hacking activities, the two of its major hacking groups have became once again active and have resumed their espionage operation, reports the security firm Mandiant . A timeline of APT1 economic espionage conducted since 2006 and has systematically stolen confidential data from at least 141 organizations across multiple industries. Mandiant, the FireEye owned company, announced in its M-Trend report that over the past year the firm has a close eye on the APT1 group , which it first exposed in February 2013. It's also been monitoring the second Chinese hackers group, APT12 that
Chinese Hackers won $215,000 for Hacking iPhone and Google Nexus at Mobile Pwn2Own

Chinese Hackers won $215,000 for Hacking iPhone and Google Nexus at Mobile Pwn2Own

October 27, 2016Swati Khandelwal
The Tencent Keen Security Lab Team from China has won a total prize money of $215,000 in the 2016 Mobile Pwn2Own contest run by Trend Micro's Zero Day Initiative (ZDI) in Tokyo, Japan. Despite the implementation of high-security measures in current devices, the famous Chinese hackers crew has successfully hacked both Apple's iPhone 6S as well as Google's Nexus 6P phones. Hacking iPhone 6S For hacking Apple's iPhone 6S, Keen Lab exploited two iOS vulnerabilities – a use-after-free bug in the renderer and a memory corruption flaw in the sandbox – and stole pictures from the device, for which the team was awarded $52,500 . The iPhone 6S exploit successfully worked despite the iOS 10 update rolled out by Apple this week. Earlier this week, Marco Grassi from Keen Lab was credited by Apple for finding a serious remote code execution flaw in iOS that could compromise a victim's phone by just viewing "a maliciously crafted JPEG" image. However, a
China — OPM Hack was not State-Sponsored; Blames Chinese Criminal Gangs

China — OPM Hack was not State-Sponsored; Blames Chinese Criminal Gangs

December 03, 2015Mohit Kumar
In the most surprising manner, the Chinese government said it arrested criminal hackers behind the massive cyber attack on US Office of Personnel Management (OPM) earlier this year, dismissing its involvement. Three months back, we reported that China arrested a handful of hackers within its borders who were suspected of allegedly stealing commercial secrets from US companies. The arrests took place shortly before China President Xi Jinping visited the United States in September 2015 when both heads of states agreed that neither side will participate in commercial espionage against one another. China: Cyber Criminals Hacked OPM, Not Government Spies Now, those suspected hackers have turned out to be the ones in connection with the OPM hack that resulted in the theft of personal details of more than 21 Million United States federal employees, including 5.6 Million federal employees' fingerprints . Citing an " investigation ", the Chinese governme
US satellites was victim by Chinese Hackers

US satellites was victim by Chinese Hackers

October 27, 2011Mohit Kumar
US satellites was victim by Chinese Hackers Computer hackers, possibly from the Chinese military, interfered with two U.S. government satellites four times in 2007 and 2008 through a ground station in Norway, according to a congressional commission. According to Bloomberg , the Chinese military is suspected of executing the digital intrusions which targeted satellites used for earth climate and terrain observation. Indeed, a Landsat-7 earth observation satellite system experienced 12 or more minutes of interference in October 2007 and July 2008, while hackers tapped into a Terra AM-1 earth observation satellite twice, for two minutes in June 2008 and nine minutes in October that year. Interestingly enough, the report doesn't actually accuse the Chinese government of sponsoring or executing the four attacks. 

 However, it clearly states that the breaches are "consistent" with Beijing's military doctrine which advocates disabling an enemy's space systems, and
Malaysian flight MH370 tragedy abused by Chinese hackers for Espionage attacks

Malaysian flight MH370 tragedy abused by Chinese hackers for Espionage attacks

March 26, 2014Wang Wei
The Mysterious Malaysian Airlines flight MH370 , a Boeing 777-200 aircraft that has gone missing by the time it flew from Kuala Lumpur to Beijing. The Malaysian Prime Minister had also confirmed that the Malaysia Airlines plane had crashed in a remote part of the southern Indian Ocean. Cyber Criminals are known to take advantage of major news stories or events where there is a high level of public interest and now Scammers are also targeting tragedy of MH370 to trap innocent Internet users. Just a few days before we warned you about a Facebook malware campaign claimed that the missing Malaysian Airlines ' MH370 has been spotted in the Bermuda Triangle ' with its passengers still alive and invites users to click a link to view breaking news video footage. This week, Security researchers at FireEye have revealed about various ongoing spear phishing and malware attacks by some advanced persistent threat (APT) attackers. According to the researchers, the Chines
Chinese Hackers Carried Out Country-Level Watering Hole Attack

Chinese Hackers Carried Out Country-Level Watering Hole Attack

June 14, 2018Swati Khandelwal
Cybersecurity researchers have uncovered an espionage campaign that has targeted a national data center of an unnamed central Asian country in order to conduct watering hole attacks. The campaign is believed to be active covertly since fall 2017 but was spotted in March by security researchers from Kaspersky Labs, who have attributed these attacks to a Chinese-speaking threat actor group called LuckyMouse . LuckyMouse, also known as Iron Tiger, EmissaryPanda, APT 27 and Threat Group-3390, is the same group of Chinese hackers who was found targeting Asian countries with Bitcoin mining malware early this year. The group has been active since at least 2010 and was behind many previous attack campaigns resulting in the theft of massive amounts of data from the directors and managers of US-based defense contractors. This time the group chose a national data center as its target from an unnamed country in Central Asia in an attempt to gain "access to a wide range of government
Spy Agencies Rely on Hackers for Stolen Data and Monitoring Security Experts for Expertise

Spy Agencies Rely on Hackers for Stolen Data and Monitoring Security Experts for Expertise

February 05, 2015Swati Khandelwal
The NSA and GCHQ have tracked and monitored the activities of independent and nation-state hackers, along with some of the foremost security researchers in order to gather information on targets and pilfer the stolen data from hackers' archives, top secret Snowden documents reveal. State-sponsored, individual Blackhat hackers and hacking groups target some or other organizations on an ongoing basis. So, by monitoring the work of 'freelance' and rival state hackers, the NSA and its allies get the stolen information, such as email accounts or chats owned by target of their interest, without doing much of hard work. HACKERS STOLE FROM TARGETS & AGENCIES STOLE FROM HACKERS According to the latest revealed documents provided by whistleblower Edward Snowden , the hacks and sophisticated breaches on the targets were carried out by the state-sponsored and freelance hackers, but the stolen data, referred to as 'take', was then pilfered by the agencies for
Chinese hackers having aim to Spying on U.S. Govt

Chinese hackers having aim to Spying on U.S. Govt

June 02, 2011Mohit Kumar
Chinese hackers having aim to Spying on U.S. Govt It's the second time Google has blamed a major computer hacking scheme on China . On 1st of June we have Reported that :  Chinese Hacker Cracks Hundreds of Gmail Accounts of U.S. & Asia .  This time Google says unknown hackers from Jinan, China, a city with a military command center, stole the personal Gmail passwords of hundreds of senior U.S .government officials. Google said the hackers' "goal" was to eavesdrop on the officials  "to monitor the content of the users' emails." The hackers did not steal any government-owned emails, but U.S. officials who work at home frequently use Gmail to do government business. White House teams often use Gmail to communicate where and when the President might travel. The risk is growing that too much secure information is being sent on non-secure systems. FBI is now investigating and this new revelation of hacking is adding heat to the growing frict
Chinese Hackers Target Air-Gapped Networks in Southeast Asia

Chinese Hackers Target Air-Gapped Networks in Southeast Asia

April 13, 2015Swati Khandelwal
A State-sponsored Cyber Espionage Group -- most likely linked to the Chinese government becomes the first group to target the so-called " Air-Gapped Networks " that aren't directly connected to the Internet. What are Air-Gapped systems? Air-gapped systems are known to be the most safest and secure systems on the earth. These systems are isolated from the Internet or any other Internet-connected computers or external networks. Air-gapped systems are generally used in the critical situations that demand high security like in payment networks to process debit and credit card transactions, military networks, and in industrial control systems that operate critical infrastructure of the Nation. Why Air-Gapped? It is very difficult to siphon data from Air-Gapped systems because it requires a physical access to the target system or machine in order to do that and gaining physical access is possible only by using removable devices such as a firewire cab
Exclusive Offers

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.