At this point, it’s really no secret, nor hard to believe that the Chinese government is working closely with various groups of hackers. One group, in particular, APT41, has been responsible for hacking into various businesses including some crypto-companies.
A new report from FireEye alleges that the group, called APT41, has been targeting both crypto firms and other industries like healthcare, media, pharmaceuticals, software, telecommunications, and travel.
Said to be associated with the Chinese government, FireEye’s report claims that the group targeted businesses “generally aligned with China’s Five-Year economic development plans.” Sometimes, the group also gathers intelligence on various mergers, acquisitions, and political events.
Mysterious Hacking Group Linked to the Chinese Government
FireEye said that it can determine “with high confidence” that APT41 is now working with the Chinese government. In June of last year, the group was responsible for mass-sending spear-phishing emails for a cryptocurrency-led decentralized gaming platform. Another cryptocurrency exchange was also targeted that same month. The group has also been responsible for deploying malicious code to mine Monero (XMR) on suitable targets and often engages in ‘cyber extortion.’
The report outlines a long list of targets the group is alleged to have attacked. Countries targeted include India, Japan, France, South Africa, Turkey, the United Kingdom, Italy, and many others. As of 2019, APT41 mainly focuses its attacks on education, telecommunications, and high-technology industries.
Still Shrouded in Mystery
As of now, 14 countries in total have been targeted over the course of 7 years. FireEye writes that these attacks “follow targeting of verticals consistent with Chinese national policy priorities.” The group now mainly focuses on intellectual hacking attempts and has moved away from purely financial motivations to state-led ones.
APT41 bears some resemblance to North Korea’s own hacking group often called ‘APT38.’ It is unclear if the two groups are related. However, the North Korean branch has been far more successful and has stolen around $2B in USD since 2015. These cyber-attacks were orchestrated by the Korean People’s Army’s Reconnaissance General Bureau.
The FireEye report is likely a conservative understatement of the full extent of APT41’s operations since many facts are still unknown.