Chinese spies linked to decade-long hacking campaign

They were once thought to be isolated attacks.
Jon Fingas, @jonfingas
May 6, 2018

China's long-running hacking efforts may be more extensive than first thought. Security researchers at ProtectWise's 401TRG team have determined that a long series of previously unconnected attacks are actually part of a concerted campaign by Chinese intelligence officials. Nicknamed the Winnti umbrella, the effort has been going on since "at least" 2009 and has struck game companies (like Nexon and Trion) and other tech-driven businesses to compromise political targets.

The attacks share common methods and goals. They usually start with phishing to trick someone into compromising the company network (often using political bait), and then use a mix of custom and off-the-shelf malware to collect info. They'll often stay undetected by "living off the land" with the victim's own software, such as system admin tools. The intruders are primarily looking for code signing certificates and "software manipulation," according to the report.

The perpetrators also make occasional mistakes, and it's those slip-ups that helped identify the Chinese origins. They normally use command-and-control servers to hide, but they inadvertently accessed some machines using IP addresses from China Unicom's network in a Beijing district.

Even with these mistakes, the Winnti umbrella is an "advanced and potent threat," 401TRG said. It's also a not-so-subtle reminder that China's state-backed hacking efforts are deeper than they seem at first glance -- hacks that appear to be one-off incidents may be linked if you look for subtler similarities.
