Latest in Gear

Image credit: Sven Loeffler via Getty Images

A Chinese hacking group is reportedly targeting governments across Asia

The hacker group "Naikon" attacks foreign affairs, science and technology ministries.
Steve Dent, @stevetdent
May 7, 2020
213 Shares
Share
Tweet
Share

Sponsored Links

Fingers typing on a laptop keyboard
Sven Loeffler via Getty Images

A Chinese hacking group has been conducting “ongoing” espionage operations on foreign governments across Asia, according to security firm Check Point. Called Naikon, it has reportedly attacked governments in Australia, Indonesia, Philippines, Vietnam, Thailand, Myanmar and Brunei, targeting foreign affairs, science and technology ministries. The aim is to gather “geo-political intelligence,” Check Point wrote in a news release.

The primary attack vector is our old friend, phishing. First, Naikon creates an official-looking email with information of interest to potential targets, obtained via public or stolen information. Should the hapless victim open the email attachment, it’s spiked with a sophisticated piece of backdoor malware called “Aria-body.” That gives the attacker access to the target’s networks and from there, they attempt to access other parts of the infrastructure to gain wider access and launch new attacks.

“Naikon’s primary method of attack is to infiltrate a government body, then use that body’s contacts, documents and data to launch attacks on others, exploiting the trust and diplomatic relations between departments and governments to increase the chances of its attack succeeding,” said Check Point.

Naikon is a known hacker group, but apparently dropped out of view around 2015. However, Check Point found that despite avoiding detection, the group has been very active during the last five years, especially in 2019-20. During that time, the group developed new tools including Aria-body.

“To evade detection, they were using exploits attributed to lots of APT [advanced persistent threat] groups, and uniquely using their victims’ servers as command and control centers,” wrote Check Point. “We’ve published this research as a warning and resource for any government entity to better spot Naikon’s or other hacker group’s activities.”

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
213 Shares
Share
Tweet
Share

Popular on Engadget

Weber’s SmokeFire smart grills just got a lot better

Weber’s SmokeFire smart grills just got a lot better

View
Atmospheric CO2 hits a record high while emissions drop

Atmospheric CO2 hits a record high while emissions drop

View
Our readers find Nintendo’s Joy-Con controllers a crushing disappointment

Our readers find Nintendo’s Joy-Con controllers a crushing disappointment

View
EA Access to hit Steam this summer after delay

EA Access to hit Steam this summer after delay

View
Instacart takes steps to discourage 'tip baiting'

Instacart takes steps to discourage 'tip baiting'

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr