TechBizWebTechBizWeb

    Subscribe to Updates

    Get the latest news about Technology and Business from all around the web..

    What's Hot

    Twitch is testing channel surfing

    July 2, 2022

    You don’t need a crowd for a communal moment

    July 2, 2022

    You can now play the “all your base are belong to us” game on your Switch

    July 2, 2022
    Facebook Twitter Instagram
    • About Us
    • Privacy Policy
    • Guest Post
    • Terms
    • Contact
    Facebook Twitter Instagram
    TechBizWebTechBizWeb
    Subscribe
    • Home
    • Technology

      Twitch is testing channel surfing

      July 2, 2022

      You can now play the “all your base are belong to us” game on your Switch

      July 2, 2022

      There’s a better way to bypass Windows 11 install restrictions

      July 2, 2022

      What is the best controller for Xbox consoles?

      July 1, 2022

      The GPU shortage is over

      July 1, 2022
    • Business
    • Cyber Security

      Tips to bolster cybersecurity, incident response this 4th of July weekend

      July 1, 2022

      Jon Raper named CISO at Costco

      July 1, 2022

      2022 RSAC takeaways: Risk management vs compliance

      July 1, 2022

      3 security lessons we haven’t learned from the Kaseya breach

      July 1, 2022

      Auston Davis named CISO at Versant Health

      June 30, 2022
    • Blockchain
    • Vulnerabilities
    • Social Engineering
    • Malware
    • Cyber Security Alerts
    TechBizWebTechBizWeb
    Home»Cyber Security»State-Sponsored Hackers Supporting China’s Naval Modernization Efforts: Report
    Cyber Security

    State-Sponsored Hackers Supporting China’s Naval Modernization Efforts: Report

    March 5, 2019Updated:March 5, 2019No Comments3 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp
    Share
    Facebook Twitter LinkedIn Pinterest Email


    APT40 Hackers Appear to be Supporting China’s Belt and Road Initiative

    A cyber-espionage group believed to be sponsored by the Chinese government is focused on targeting countries important to the country’s Belt and Road Initiative, FireEye reports. 

    Referred to as APT40 by FireEye, but also known as TEMP.Periscope, TEMP.Jumper, and Leviathan, the hacking group has been active since at least 2013 and appears to be focused on supporting China’s naval modernization efforts. It was observed targeting engineering, transportation, and defense sectors, especially when they overlap with maritime technologies. 

    Recently, the hacking group was observed targeting countries strategically important to the Belt and Road Initiative, including Cambodia, Belgium, Germany, Hong Kong, Philippines, Malaysia, Norway, Saudi Arabia, Switzerland, the United States, and the United Kingdom.

    The group also targeted universities engaged in naval research and its focus on acquiring advanced technology to support the development of Chinese naval capabilities reveal an effort to support China’s ambition to establish a blue-water navy, FireEye notes. 

    APT40 also targets traditional intelligence targets, mainly organizations with operations in Southeast Asia (including entities linked to regional elections) or involved in South China Sea disputes. 

    “We assess with moderate confidence that APT40 is a state-sponsored Chinese cyber espionage operation. The actor’s targeting is consistent with Chinese state interests and there are multiple technical artifacts indicating the actor is based in China,” FireEye’s security researchers say. 

    The hackers’ active hours are centered around China Standard Time (UTC +8) and many of the group’s command and control (C&C) domains were initially registered by China based domain resellers with Chinese location information, thus pointing to a China based infrastructure procurement process. The group also used multiple IP addresses located in China. 

    The group’s attacks start with web server exploitation, phishing emails with malicious attachments, and weaponized Office documents (exploits include CVE-2012-0158, CVE-2017-0199, CVE-2017-8759, and CVE-2017-11882). 

    The group attempts to harvest credentials and escalate privileges using various tools, including the HOMEFRY password dumper/cracker, the Windows Sysinternals ProcDump utility and Windows Credential Editor. 

    In addition to publicly available and custom malware (including AIRBREAK, FRESHAIR, BEACON, PHOTO, BADFLICK, MURKYSHELL, MURKYTOP, DISHCLOTH, PAPERPUSH, and CHINA CHOPPER), the group leverages Remote Desktop Protocol (RDP), SSH, native Windows capabilities and legitimate applications for reconnaissance, lateral movement, and persistence. 

    Some of the group’s malware can evade typical network detection by leveraging legitimate services such as GitHub, Google, and Pastebin for initial C&C communication, and the use of TCP ports 80 and 443 also allows the hackers to blend in with routine network traffic. 

    “Despite increased public attention, APT40 continues to conduct cyber espionage operations following a regular tempo, and we anticipate their operations will continue through at least the near and medium term. Based on APT40’s broadening into election-related targets in 2017, we assess with moderate confidence that the group’s future targeting will affect additional sectors beyond maritime, driven by events such as China’s Belt and Road Initiative,” FireEye concludes. 

    Related: Chinese Hackers Target UK Engineering Company: Report

    Ionut Arghire is an international correspondent for SecurityWeek.

    Previous Columns by Ionut Arghire:
    Tags:



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    Tips to bolster cybersecurity, incident response this 4th of July weekend

    July 1, 2022 Cyber Security

    Jon Raper named CISO at Costco

    July 1, 2022 Cyber Security

    2022 RSAC takeaways: Risk management vs compliance

    July 1, 2022 Cyber Security

    3 security lessons we haven’t learned from the Kaseya breach

    July 1, 2022 Cyber Security

    Auston Davis named CISO at Versant Health

    June 30, 2022 Cyber Security

    Lessons learned from slew of recent data breaches

    June 30, 2022 Cyber Security
    Editors Picks

    You don’t need a crowd for a communal moment

    July 2, 2022

    You can now play the “all your base are belong to us” game on your Switch

    July 2, 2022

    Crypto hedge fund Three Arrows files for bankruptcy

    July 2, 2022

    There’s a better way to bypass Windows 11 install restrictions

    July 2, 2022
    Trending Now

    Google will start auto-deleting abortion clinic visits from user location history

    By techbizweb

    Ryanair chief warns fares will rise for 5 years because flying is ‘too cheap’

    By techbizweb

    The government’s going after alleged crypto scammers as market crashes

    By techbizweb

    https://www.nationalsportsacademy.com

    slot gacor hari ini

    http://www.inadesfo.org/

    http://www.eueomgbissau.org/

    http://www.congo-mai-mai.net/

    http://www.angelesdelafrontera.org/

    http://fifaworldcup2018schedule.com/

    http://tony4gtrmcr.co.uk/

    http://www.standrewsagreement.org/

    http://www.bob-russell.co.uk/

    http://davidmulholland.co.uk/

    http://railwayhotelenniskillen.com/

    http://www.fantasysportstrades.com/

    http://www.rainleaf-flooring.com

    http://mothersagainstguns.org/

    http://ma-coc.org/

    slot online

    http://www.paradoxmag.com/situs-judi-slot-online-gampang-menang-2021/

    http://www.paradoxmag.com/situs-judi-slot-online-terbaru-2021/

    http://slot-terbaru.net/

    Slot Gacor

    Slot Online

    Situs Slot Gacor

    http://www.appdexterity.com/

    https://cars4kids-deutschland.de/

    https://www.stretchingculture.com/

    https://www.b-123-hp.com/slot-gacor/

    https://denzstaffing.nl/

    https://ezbbqcooking.com/slot-gacor/

    https://www.mbahelp24.com/slot-gacor

    https://minhtanstore.com/slot-jackpot-terbesar/

    https://njbpusupplierdiversity.com/slot-gacor-gampang-menang/

    https://www.floridaspecialtycropfoundation.org/slot-gampang-menang/

    https://childrenscornerpreschool.org/slot-gacor-gampang-menang/

    https://cryptoquoter.com/slot-online-terbaik/

    https://alorkantho24.com/slot-gacor/

    https://ellas.xyz/slot-gacor/

    https://it.dougamatome.xyz/slot-online/

    https://www.daltercume.com/slot-gacor/

    https://josi-ana.dougamatome.xyz/slot88/

    https://josi-ana.dougamatome.xyz/slot-gacor/

    https://fastobserver.com/slot-jackpot-terbesar/

    https://www.planetexperts.com/slot-gacor/

    https://bfsolution.group/slot-bet-kecil/

    https://rustleva.co/slot/

    https://bfsolution.group/slot-bet-kecil/

    https://www.hotelcalimareal.com/togel-online/

    https://anime-game.dougamatome.xyz/slot-gacor-gampang-menang/

    https://anime-game.dougamatome.xyz/togel-online/

    https://bourbonbarrelfoods.com/slot/

    http://suneo39.wp.xdomain.jp/slot/

    https://techbizweb.com/slot-gacor/

    https://www.generalcatalyst.com/18-daftar-slot-gacor-terbaik-gampang-menang-jackpot-hari-ini/

    https://www.hotelcalimareal.com/slot-online/

    https://www.blockgates.io/slot-gacor/

    https://l12.com.br/slot-gacor/

    slot paling gacor

    https://www.donalds-hobby.com/slot-online/

    https://thecryptodirt.com/slot-gacor-hari-ini/

    http://iseta.edu.ar/aulavirtual/app/upload/users/1/1205/my_files/sbobet.html

    http://escuelavirtual.mincit.gov.co/app/upload/users/1/194/my_files/slot.html

    https://www.dev.medecinesfax.org/courses/JUDICASINO/document/slot.html

    http://www.e-archivos.org/cursos/courses/JUDICASINO/document/slot-gacor.html

    http://iesma.com.br/ead/main/upload/users/4/447/my_files/slot.html

    https://www.fundacoop.org/chamilo/app/upload/users/1/1185/my_files/slot.html

    https://fata-aatf.org/eskola/main/upload/users/3/31/my_files/slot.html

    https://uancv.edu.pe/ofinvestigacion/app/upload/users/3/328/my_files/slot-terlengkap.html

    https://micost.edu.my/EL/app/upload/users/2/209/my_files/slot-gacor.html

    https://www.academiacoderdojo.ro/elearningdev/app/upload/users/2/2442/my_files/slot-online.html

    http://campus-cidci.ulg.ac.be/courses/JUDICASINO/document/slot-termurah.html

    https://www.escueladerobotica.misiones.gob.ar/aula-ste/courses/LIVECASINO/document/slot-tergacor.html

    http://ccdipeepccqqfar.usac.edu.gt/chamilo/app/upload/users/3/358/my_files/slot-online.html

    https://cunori.edu.gt/campus/app/upload/users/7/7334/my_files/slot-online.html

    http://u-rus.com.ar/aula/app/upload/users/1/1322/my_files/slot.html

    http://icrodarisoveria.edu.it/chamilo/app/upload/users/1/1855/my_files/slot.html

    https://iestpliliagutierrez.edu.pe/clarolgm/courses/CASINO/document/slot.html

    http://pva.cobach.edu.mx/app/upload/users/7/7379/my_files/slot.html

    http://www.imb-pc-online.edu.gt/PL/app/upload/users/3/373/my_files/slot.html

    http://avcs.upeu.edu.pe/main/upload/users/3333/my_files/slot.html

    https://chamilo.fca.uas.edu.mx/app/upload/users/1/11186/my_files/slot-online/

    TechBizWeb
    Facebook Twitter Instagram Pinterest Vimeo YouTube
    • Home
    • Guest Post
    • About Us
    • Privacy Policy
    • Our Authors
    • Terms and Conditions
    • Contact
    © 2022 Tech Biz Web. Developed by Sawah Dev.

    Type above and press Enter to search. Press Esc to cancel.