Image credit: Yuichiro Chino via Getty Images

Chinese hacking group targeted governments in six countries

The Calypso APT group has been active since 2016.

A Chinese hacking group has caused chaos for government organizations in numerous countries over the last three years, a new report reveals.

As uncovered by enterprise security company Positive Technologies, the Calypso APT (or Advanced Persistent Threat) group has been active since 2016 and has targeted state institutions in India, Brazil, Kazakhstan, Russia, Thailand and Turkey.

The attacks worked by hacking the perimeter of an organization's systems, then using special utilities and malware to gain access to the internal network. Once inside, the hackers could move through the system in one of two ways: either by exploiting remote code execution vulnerabilities or by using stolen credentials.

With this method, the attack group was able to successfully damage government organizations in every country it targeted. Positive Technologies attributed the group's success to its use of widely available public tools: "These attacks succeeded largely because most of the utilities the group uses to move inside the network are widely used by the specialists everywhere for network administration. The group used publicly available utilities and exploit tools, such as SysInternals, Mimikatz, EternalBlue and EternalRomance."

Positive Technologies believes the Calypso APT group to be Chinese-speaking due to its use of PlugX malware, a favorite tool among Chinese groups, as well as the Byeby trojan. In addition, it uncovered some real IP addresses of the hackers which were linked to Chinese providers.

More details about the specifics of the attacks can be found in the Calypso APT report.
