According to a new report from FireEye, attacks originating in China have compromised nine different government ministries, beginning in August 2013. Advertising new information about the Syrian crisis, the infected emails came in advance of a G20 meeting about the crisis, suggesting the motives had more to do with espionage than a run-of-the-mill phishing attack. The attacks also specifically targeted the nations’ foreign ministries, suggesting its objective was primarily diplomatic. Although FireEye’s report leaves the countries anonymous, The New York Times has named the Czech Republic, Portugal and Hungary as among the nations compromised.
Chinese hackers targeted foreign ministries with malware
Once infected, the malware is designed to gather system and network information, then systematically harvest login credentials, allowing the infection to spread. FireEye briefly gained access to one of the attackers Command-and-Control servers, allowing them to watch the spread of the malware in real time, although they lost access before the program began collecting information, leaving open the question of what the attackers were hoping to discover.
Although the report offered no definitive link to the Chinese government, FireEye found conclusive evidence that the attacks had originated in China and was being operated by Chinese speakers. In the past, similar attacks have been linked back to a Chinese army base, and it's suspected these latest attacks have a similar origin.
Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.
Most Popular
Most Popular
- Midjourney goes from generating cat images to full-body ultrasound scans
- Apple’s weird anti-nausea dots cured my car sickness
- Tim Cook says RAM expenses are ‘unsustainable’ and Apple is going to raise prices
- This Ghost in the Shell keyboard makes me want to activate the hundred spidery robot fingers inside my regular fingers
- Amazon employees say they’re facing termination for backing data center limits
