Articles about cyber-espionage

South Korea targeted by cyberspies (again). Kim, got something to say?

The South Korean public sector is once again in the firing line of a sophisticated – and likely government-backed – cyberattack. The campaign was active between November 2016 and January 2017 and relied on exploiting vulnerabilities in a Korean language word processing program and a spoofed document from the Korean Ministry of …
John Leyden, 24 Feb 2017

TeamSpy hackers get the crew back together after four-year hiatus

Updated Cybercrooks have once again begun slinging malware that subverts elements of the legitimate TeamViewer remote control app to snoop on victims. The tactic was previously seen in 2013. Attacks typically begin with booby-trapped emails harbouring malicious attachments that pose as eFax messages. If installed, the malicious code …
John Leyden, 21 Feb 2017

Russia and China bombard Blighty with 188 cyberattacks in 3 months

Britain has been hit by 188 "high-level attacks" in the last three months. Some of these attempts include Russian state-sponsored hackers trying to steal defence and foreign policy secrets, according to the UK's newly appointed National Cyber Security Centre chief Ciaran Martin. Russian and Chinese attacks on defence and …
John Leyden, 13 Feb 2017

Chinese hackers switch tactics for spying on Russian jet makers

Chinese state-sponsored hackers are targeting military and aerospace interests in Russia and Belarus. Since the summer of 2016, a group began using a new downloader known as ZeroT, spear-phishing emails to install the PlugX remote access Trojan (RAT), according to security researchers at Proofpoint. In previous campaigns, the …
John Leyden, 3 Feb 2017

UK defence secretary: Russian hacks are destabilising Western democracy

The UK defence secretary has accused Russia of using hacking to destabilise the West. Sir Michael Fallon said the Kremlin is "weaponising misinformation" as part of a sustained campaign that goes beyond alleged meddling in the 2016 US presidential election. NATO needs to do more to combat the threat, the senior cabinet …
John Leyden, 3 Feb 2017
MOSCOW, RUSSIA, JANUARY 2017: Russian traditional toy - Matryoshka with a portrait of Putin and Trump. showcase souvenir kiosk Editorial credit: dimbar76 / Shutterstock, Inc.

Cyber-spying, leaking to meddle in foreign politics is the New Normal

Feature The allegations that computer hackers affected the outcome of the 2016 US presidential election have cast a long shadow and might appear to be unprecedented. But in fact they are not. Computer hacking has also featured as an issue in previous elections, in the US and elsewhere, albeit in much more peripheral roles. China, …
John Leyden, 1 Feb 2017

'Ancient' Mac backdoor discovered that targets medical research firms

Security researchers at Malwarebytes have discovered a Mac backdoor using antiquated code that targets biomedical research facilities. The malware was probably created years ago but has only recently been discovered. Malwarebytes speculates that it wasn't found before because it was only ever used in targeted attacks, limiting …
John Leyden, 18 Jan 2017

French spies warn politicians of hack risk as election draws near

French authorities are warning political parties about the increased threat of cyber attacks as the country prepares to elect a new president in May. Last year's US presidential election was marred by cyber attacks and leaks. US intel agencies blame Russia for the hack1 and subsequent leak of sensitive emails and other …
John Leyden, 16 Jan 2017
Mad Saudi

Because I'm bad, I'm bad, Shamoon: PC wiper tried to shut down Saudi snapshot defences

Security researchers have identified a second wave of Shamoon 2 PC-wiping attacks against a further target in Saudi Arabia last November. The new research shows hackers upping the ante and developing more sophisticated, multi-stage attacks. The original Shamoon attack hobbled the network of Saudi Aramco in 2012. Similar …
John Leyden, 10 Jan 2017
Photo by MediaGroupBestForYou / Shutterstock

'I told him to cut it out' – Obama is convinced Putin's hackers swung the election for Trump

Analysis Outgoing US President Barack Obama has promised to take action against Russia over its alleged interference in the presidential election campaign. American intelligence agencies have concluded that hackers linked to the Kremlin infiltrated the computer network of the Democratic National Committee as well as the email account …
John Leyden, 17 Dec 2016

US DNC hackers blew through SIX zero-days vulns last year alone

Security researchers have shone fresh light on the allegedly Russian state-sponsored hacking crew blamed for ransacking the US Democratic National Committee's computers. Sednit – also known as APT28, Fancy Bear and Sofacy – has been operating since 2004. The cyber-mob has reportedly infiltrated machines operated by targets as …
John Leyden, 20 Oct 2016

Phishing scam targets ... actual fishermen in eastern Ukraine

Security firm ESET has uncovered a long running cyber-espionage campaign in Ukraine, and seemingly targeted at separatists. Operation Groundbait is a targeted attack most likely run from within Ukraine by as yet unidentified politically motivated hackers. The region is a hotspot for malware-based spying campaign thanks largely …
John Leyden, 18 May 2016
Indian riot

Cricket can get nasty: India v Pakistan rivalry boils over into cyber-war

The continuing rivalry between India and Pakistan has spilled over into cyberspace, with activity peaking around nationalist holidays and sports fixtures. A study of recent real-world events and hacktivist operations by threat intelligence firm Recorded Future highlights the varied motives behind online malfeasance. Events …
John Leyden, 11 Feb 2016
Traffic in Saigon. Pic: "M M"

Asian cyber-spies fling Seven Pointed Dagger against Myanmar, NGOs

A multi-stage attack campaign targeting Asian governments and (perhaps) non-governmental organisations has been uncovered. The threat campaign involves a newly-discovered Remote Access Trojan (RAT) dubbed Trochilus by security researchers at Arbor Networks. Trochilus (pronounced “tro kil us”) is part of a seven-piece malware …
John Leyden, 12 Jan 2016

Stuxnet-style code signing of malware becomes darknet cottage industry

Underground cybercrooks are selling digital certificates that allow code signing of malicious instructions, creating a lucrative and expanding cottage industry in the process, according to new research from threat intelligence firm InfoArmor. In one case, a hacker tricked a legitimate certificate authority into issuing digital …
John Leyden, 4 Nov 2015
A Chinese laundry on the back streets of Shanghai

Security experts split on whether China is breaking no-hack pact

Security intelligence firm CrowdStrike has released a report alleging that Chinese hacking crews which they claim are likely state-sponsored are still attacking the US despite a anti-economic espionage pact agreed just a month ago when the Chinese president visited the US. In a blog post, CrowdStrike states that it has seen no …
John Leyden, 19 Oct 2015
A Chinese laundry on the back streets of Shanghai

China cuffs hackers at US request to stave off sanctions

Hacking suspects have been arrested in China by the nation's authorities at the behest of the US government for the first time, The Washington Post reports. The unprecedented arrests took place in early September – shortly before Chinese President Xi Jinping's state visit to Washington – and appeared aimed at providing a show …
John Leyden, 9 Oct 2015

Cyber peace deal still possible despite China's US cyber-spying denials

The US and China are still expected to announce a cyberwar peace deal, despite signs to the contrary during a state visit to the US by the Chinese paramount leader this week. Chinese President Xi Jinping kicked off his visit by telling the Wall Street Journal that the "Chinese government does not engage in theft of commercial …
John Leyden, 23 Sep 2015

Create a news alert about cyber-espionage, or find more stories about cyber-espionage.

Biting the hand that feeds IT © 1998–2018