
Modern field guide to security and privacy

Digital attacks on China critics intensify, says cybersecurity firm

The group behind the so-called Scarlet Mimic malware campaign that has traditionally targeted Tibetan and Uyghur groups is using more sophisticated tools and going after new targets, according to Palo Alto Networks.

Mike Segar/Reuters/File
A protester across from United Nations Headquarters in New York.

A shadowy hacker group with suspected ties to the Chinese government has increased its attacks on human rights groups and is even targeting the Russian spy agency, according to .

The cybersecurity company Palo Alto Networks noticed a recent upswing in activity in a four-year-old malware campaign dubbed "Scarlet Mimic," a reference to the program attackers use to imitate legitimate software, designed to steal location data and sensitive communications from targeted computers.

While the attackers mostly target organizations that support the rights of Tibetan and Uyghur minorities, the unknown group behind the campaign appears to be targeting the Russian Federal Security Service and Indian government organizations with targeted phishing attacks.

Palo Alto doesn't have specific proof linking the attacks to elements in the Chinese government or military, but the firm says the hackers' behavior and the profiles of the victims suggest China is either officially or unofficially involved in the malware campaign.

"We do believe there is a government behind this," says Ryan Olson, director of threat intelligence at Palo Alto's Unit 42 research team. "But we don't have any evidence linking China" directly to Scarlet Mimic, he said.

Over the past year, China has been blamed for a string of massive data breaches and hacks in the US, from the Office of Personnel Management incursion to the Anthem data breach. But for years, civil society and rights groups such as the World Uyghur Congress and Tibetan Alliance of Chicago have complained they are under constant digital surveillance and attack from Chinese agencies.

For instance, in 2012, the cybersecurity firm described how Tibetan activists, ranging from personal envoys of the Dalai Lama to students in San Francisco, were victims of near daily cyberattacks.

Mr. Olson said the firm is publishing data about the increase in attacks in hopes it will expose hackers' techniques and enable likely targets to effectively boost security. "Our main goal in publishing this info is to expose these attack tools and infrastructure and to make them redevelop everything."

In addition to targeting Windows systems, the group behind Scarlet Mimic has recently started using malware to infect Android and Apple's Mac OS X operating systems.

In most cases, the attackers use spear-phishing e-mails with a malicious attachment to compromise the systems of targeted individuals. People who open the attachments inadvertently download a malware tool that takes advantage of a variant of a previously known vulnerability in Windows, dubbed FakeM, to infect their systems.

One of the decoy images that Palo Alto recovered included an image comparing Russian President Vladimir Putin to Adolf Hitler.
