FireEye, a California-based network security firm, has reasons to believe that the Chinese government is behind an on-going cyber espionage in India and other Southeast Asian countries including the Philippines that dates as far back as 2004.
In the company’s recently-published report, FireEye Labs Team in Singapore uncovered a set of malware that were developed with a dedicated set of tools built by a group identified in the report as APT 30 which stands for Advanced Persistent Threat.
FireEye was keen to point out that the tool that APT30 is using is constantly updated which allow them to be virtually undetected for at least a decade. This leads the security firm to believe that either APT30 maintains this alleged tool themselves or they are working closely with other developers that provides maintenance and updates for it.
Based on the targets that FireEye identified, which are mostly in the Southeast Asian region, the security firm suspects that the malware is primarily being used by APT 30 in “acquiring sensitive information from a variety of targets” for political gain.
APT 30 takes a special interest in political developments in South East Asia and India, and is particularly active at the time of ASEAN summits, regional issue, and territorial disputes between China, India and Southeast Asia countries.”
– FireEye
In line with this, FireEye uncovered that the group has setup an elaborate hack during the 2013 ASEAN conference which involved putting up fake ASEAN domains which, according to their analysis, are filled with malware designed to steal sensitive information from the victim.
Along with political targets, FireEye also uncovered that APT 30 is also spying on private companies and journalists across Southeast Asia, particular those “who do not provide favorable coverage”.
In an interview with TechCrunch, FireEYE CTO for APAC Bryce Boland stated that although their research doesn’t provide an exact proof that will link the Chinese government to the decade-long cyber espionage, “all signs point to China”.
Sources: 1 & 2
Via: TechCrunch
cdrking ??
Sa totoo lang baka pati yung mga in-demand na XiaoMi powerbanks eh may tinatago rin na spyware circuitry… Baka buhay din yung data pins ng charging cable niya… Kaya everytime nagcha-charge ka, alam na…
every thing that is free across the web is not actually free. they are acquiring information for you which is very valuable than the service they are giving.
Google is a good example of this.
Hindi Lang China ang gumagawa ng ganyan, pati US, UK, Russia at iba pang mga malakas na bayan.
not only phone but some Internet Server made in china.
last year we have a website hosted on that server and na compromised yung server and the administrator said it was suspected na manufactured in china.
nagtataka talaga na compromised sya.
Malamang Chinese branded phones also have something like this kaya sobrang mura. Gaya nung controversy with Xiaomi dati re cloud backup na kahit naka off nagsesend parin ng data to Chinese Ministry of Information.