Attacks from Chinese hacking group have spiked, U.S. firm says

Attempted cyberattacks from a sophisticated Chinese hacking group have spiked since late January, according to cybersecurity firm FireEye Inc.

FireEye chief security architect Christopher Glyer said more than 75 of its customers were targeted in the attacks across more than a dozen countries, including the United States and Canada. The surge is “one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years,” according to a post by FireEye on the cyberattacks.

“We haven’t seen something of this nature in at least three years,” Glyer told Digital Trends.

The group behind the attacks was identified as “APT41,” a China-based team made up of contractors working on behalf of the Chinese government, Glyer said.

APT41 exploited flaws in Cisco and Citrix software to target firms across a variety of industries, including banking and finance, healthcare, and construction.

The surge began on January 20 and lasted at least through March 11, with the group active as recently as this past week. Glyer said there could be numerous factors to explain the uptick in activity, such as the spread of coronavirus or the availability of a public exploit for the Cisco and Citrix software.

APT41, first flagged in 2012, is unique in that the hackers launched cyberattacks both to assist the Chinese government and for personal profit.

“There’s no other group that operates like that,” Glyer said.

In the past, APT41 has targeted telecommunications firms by planting malware that could effectively allow them to read individuals’ text messages or scan for keywords in text conversations, Glyer said.

“We’ve never seen any other group do that or have the sophistication to do that,” he said. “That’s incredibly rare.”

However, there isn’t evidence that the hacking group is using those methods during its recent spike in activity, he added.

It is the latest example of the spike in cyber crimes and attempted hacks that have been happening in and around the ongoing COVID-19 pandemic. With the added pressure of the virus and the change of routine for everyone, hackers are likely to take more advantage of people, security experts say. Already, reports have emerged of hackers posing as World Health Organization or Center for Disease Control officials in phishing attacks.

“From our perspective, we see these hacks all the time when there’s a vulnerability or data leak. The difference now is because of COVID-19 and coronavirus in the news, they [the hackers] are using it as part of their messaging,” said Dave Excell, the founder of Featurespace, a cybersecurity company that uses adaptive behavioral analytics to detect fraudulent activity.

The company works heavily in the financial sector, a space that’s seen a massive shift in the way people spend money, as everyone has moved inside and started using more credit cards online. “We’ve been as busy as ever with our customers, making sure they have the right defense in place as more people are going online to transact,” Excell told Digital Trends.

The World Economic Forum recently said that hackers are setting up fake coronavirus tracking websites and scraping the data from people who visited. In the U.K., victims lost more than 800,000 British pounds to a website promising to sell them protective face masks. Phishing attacks are on the rise, not least against the U.S. Department of Health and Human Services.

“If systems are already vulnerable, and the way of thinking is antiquated, and business and organizations don’t have proper protections in place to begin with, times like these will make us more vulnerable,” said Eric Bednash, CEO of RackTop Systems. “Whenever there’s a pandemic or a disaster, all of those things create added pressure, and extra opportunity for the bad guys.”

“Be extra diligent,” Bednash said, even as it might get harder to do so. “Everyone’s searching for ‘coronavirus tracker.’ Make sure you go to a reputable website. If you’re going to look up information on anything related to the pandemic, don’t click on links on your phone or computer that are not from well-known sources.”

Maya Shwayder