APT20: Chinese Hacker Group Resumes Their Global Data Attack


Fox-IT, a Dutch cybersecurity firm, has revealed that APT20, a well-known and potent Chinese hacker group, has resumed its global campaign of stealing government and private company data. The group is also known as Violin Panda; it was very active between 2009 and 2014 but then went dormant for a while.

They are suspected of working in the interest of the Chinese government and mainly focus on stealing data from military and telecommunication companies. The group has been linked to a number of cyber-attacks and, according to research, is very potent in its approach.


The Chinese hacker group targets a wide variety of companies in different fields across different countries. According to the report, ten countries were its main targets, including the United States of America. For an unknown reason, the group is mainly interested in companies in construction, gambling, energy, insurance, finance, health, aviation and many other fields.

According to cybersecurity expert Casey Fleming, the Chinese regime is known for hiring hackers, and the comeback of the Chinese hacker group is no surprise. This implies that most hacking incidents are government-motivated rather than driven by a hacker's personal desire for financial gain.

Fleming further explained that the resurgence of the Chinese hacker group and the many government-motivated cyber-attacks are part of an ongoing hostile strategy known as asymmetric hybrid warfare.

According to the report, they aim to compromise enemy and competitor states without shedding a single drop of blood. Fleming said that the Chinese Communist Party is peaking now and is still stealing intellectual property, innovation, trade secrets, sensitive data and much more. According to Fleming, they steal anything a company runs on, and over the years they have executed their plans perfectly. China has resorted to obtaining military gains using non-military methods.

North Korea has also been linked to a number of hacking incidents, and without any method to trace the nationality of the hackers behind an attack, APT20 would have been linked to North Korea. Researchers discovered that the Chinese hacker group typed simplified Chinese characters during the operation and that they were active during a timeframe matching the Chinese time zone.

Finally, the hackers cursed in Chinese when they realized they had been caught and were being locked out of the system. The reason for their resurgence is partly linked to the current US administration's stance on China and the trade war, as claimed by Fleming.


An estimate by the Commission on the Theft of Intellectual Property shows that IP theft has done a lot of damage to the US economy. The annual cost of IP theft to the US economy is estimated at between $200 billion and $600 billion. China has been the principal IP infringer, and many Chinese hacker groups contribute heavily to IP theft. This is a serious cause for concern, and the annual cost of IP theft is expected to increase in 2020.

The Chinese hacker group was recently linked to a hacking incident in which the hackers reportedly bypassed two-factor authentication. According to Fox-IT, the hackers target web servers as their main entry point, with JBoss as the primary focus.

As claimed by the researchers, the Chinese hacker group then installs web shells after accessing the network and spreads through it. The group also seeks out administrator accounts and passwords to obtain more information. They do this by utilizing virtual network credentials for secured access.

It is understood that most cyber-attacks are orchestrated by criminals with the sole aim of selling the obtained information on the dark web. Over time, cyber-attacks have moved beyond the basic, financially motivated approach to a more sophisticated, government-motivated approach with political aims. Regardless of the type of cyber-attack launched, the attack would likely be less effective if the targets invested more in cybersecurity.

Source: NNTD
