Buckeyed cyberspies' switch

Cyberespionage group Buckeye has switched targets from the US to Hong Kong.

Buckeye (also known as APT3, Gothic Panda, UPS Team or TG-0110) is a longstanding hacking group that has been together for at least seven years. Buckeye is blamed for using a remote access Trojan (Backdoor.Pirpi) in attacks against a US organisation’s network in 2009.

Up to mid-2015, Buckeye’s traditional targets were US (and to a lesser extent UK) organisations. Over its history the group made occasional use of zero-day vulnerabilities, specifically in Internet Explorer and Flash - a factor that marks Buckeye out as a better-resourced member of the growing list of so-called APT groups.

Buckeye's interests changed substantially around June 2015 when the group began infecting organisations in Hong Kong. Infections in the UK and US ceased shortly after this time. In at least some of these recent attacks, Buckeye used spear-phishing emails with a malicious .zip attachment, as a write-up on Buckeye by security firm Symantec explains. ®
