New Delhi, Aug 9 : Chinese hackers have attacked industrial facilities as well as research institutes, ministry and state agencies in various countries.They were able to take over the infrastructure of IT of some, gaining control of systems that are used to manage security solutions according to a new report disclosed. Researchers from the cyber-security firm Kaspersky observed a rash of targeted attacks against companies in the military industrial complex as well as public institutions in various Eastern European countries and Afghanistan.
“In the course of our investigation we were able to discover more than dozen of targeted organizations,” the researchers said.
This analysis indicates that “it is highly likely that a Chinese-speaking community has been behind the attack”.
The researchers identified TA428 the Chinese-speaking APT group that was behind the string of attacks that utilized the backdoors of six malware.
The attackers broke into the enterprise network with carefully crafted phishing messages.
“In the course of our investigation, we found that in certain instances, attackers design phishing emails using information that isn’t publicly accessible, such as the complete names of employees who handle sensitive information as well as internal codenames of projects created by the targeted organizations,” the team noted.
Phishing emails include Microsoft Word documents with embedded malicious code that exploits CVE-2017-11882 vulnerability, which permits an attacker to execute any code without the need for additional user involvement.
In the latest series of attacks the attackers utilized the backdoors of six different types at the time — likely to establish redundant channels of communication with affected systems in the event that one of the malicious programs was identified and eliminated by a security program.
“The backdoors are designed to provide a lot of functionality for controlling the infected system and storing confidential data,” said Kaspersky.
The attackers targeted industrial facilities as well as design bureaus, research institutes, as well as government agencies departments, ministries and ministers in various East European countries (Belarus, Russia and Ukraine) as in Afghanistan and Afghanistan, the report said.
na/dpb
.
