Cyber security news for all

More

    The U.S. Indicts Two Chinese Nationals for Hacking Hundreds of Organizations

    Two Chinese nationals, Li Xiaoyu and Dong Jiazhi have been charged with spying for the Chinese government for more than ten years.

    The indictment is an 11-count charge, which includes conspiracy to steal trade secrets, fraud, etc. Li and Dong were able to change file names; hid programs and documents at specific locations, and access victims’ systems through the use of RAR files.

    The indictment alleges the conspiracy to steal trade secrets, source codes, pharmaceutical chemical structures, technology designs, test mechanism and result, manufacturing processes, from eight victims.

    The accused nationals perpetrated the acts for both personal reasons and their country, China. Some of their victims include South Korea, Germany, Netherlands, United Kingdom, non-governmental organizations, clergy, companies’ human rights activist, dissidents in the United States, etc.

    Their point of the attack were vulnerabilities in software. Exploiting these vulnerabilities gave them access to data (including web server apps, web app development suites, and software collaboration programs).

    In other cases, they leveraged on recently published flaws.

    Stolen data were relayed to the Chinese Ministry of State Security (MSS).

    Li and Dong had the help of an unnamed MSS official.

    While fulfilling the MSS needs, the two Chinese nationals stole valuable information; data on counter-chemical weapons systems, ship-to-helicopter integration systems, military satellite programs, and wireless networks and communications systems.

    The hackers stole millions of dollars worth of secrets and intellectual property, and also ransomed some of the stolen data.

    Due to their relevance in information gathering for the MSS, the hackers received haven in China while coordination attacks in victims.

    According to a statement released by the DoJ; “Li and Dong, targeted a broad range of industries, including high tech manufacturing, engineering, software, solar energy, pharmaceuticals, and defense. Recently, they targeted the networks of organizations developing COVID-19 vaccines; testing technology, and treatments.” They supplied victims’ data to the MSS.

    The DoJ says, “such information would give competitors with a market edge by providing insight into proprietary business plans; and savings on research and development costs in creating competing products.”

    The indictment further states the details of the stolen data (the type of data, organization stolen from, when it was stolen, etc.)

    It also accuses them of using the China Chopper web shell to maintain compromised environments and place them on victims’ networks. Even as far as passwording the web shells. (The China Chopper web shell is a tool by Chinese hackers).

    The Assitant Attorney General for National Security John C. Demers expressed his disappointment in the Chinese government. “China has now taken its place, alongside Russia, Iran, and North Korea; in that shameful club of nations that provide a haven for cybercriminals in exchange for those criminals being ‘on-call’ to work for the benefit of the state. Here to feed the Chinese Communist party’s insatiable hunger for American and other non-Chinese companies’ hard-earned intellectual property; including COVID-19 research.”

    Recent Articles

    Unauthorized access at Scalable Capital

    There has apparently been unauthorized access to individual data at Scalable Capital. The company informed its customers about the incident by mail yesterday, referring...

    The US accuses Russian officers of being in charge for cyber attacks

    The US government has brought charges against Russians who are alleged to have been involved in various cyber attacks as officers of the military...

    Twitter changed its rules for dealing with hacked data

    On Friday night, access to Twitter was disconnected for about two hours. The Chief Engineer announced that the reason was a rebuild in the...

    Norway sees Russia as the perpetrator of the cyber attack

    "It is important that our government refuses to send the Russians a clear sign that we do not know," said the Norway government. According...

    Phishing mail with an incorrect form for Corona bridging aid

    The representation of the European Commission warned of a phishing attempt targeting small and medium sized enterprises. Under the pretext for corona bridging aid,...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox