Meet APT41, the Chinese hackers moonlighting for personal gain

Aug 7, 2019 | CYBERSCOOP

Members of a Chinese-state-sponsored hacking group have been using their skills to enrich themselves for years in operations targeting the gaming industry, cybersecurity company FireEye announced Wednesday.


By day, the group, dubbed APT41, conducts espionage in the health care, telecommunications, and education sectors, FireEye said. By night, those same hackers have manipulated virtual currency in the gaming sector and, in one case, tried to deploy ransomware, to line their pockets.


In a first for a China-based group, the company said, the hackers are using malware typically reserved for spying to pursue personal gain.


“Their aggressive and persistent operations for both espionage and cybercrime purposes distinguish APT41 from other adversaries and make them a major threat across multiple industries,” said Sandra Joyce, FireEye’s senior vice president of global threat intelligence.


APT41’s unveiling comes as the U.S. and China are locked in a bitter trade dispute, and after years of U.S. officials alleging that the Chinese government has sponsored cyber-economic espionage. In multiple indictments, U.S. officials have accused Beijing-backed hackers of stealing intellectual property (IP). China has denied the allegations. For its part, APT41 doesn’t seem to have stolen IP since late 2015, according to FireEye.


The dossier on APT41 stretches back years, and overlaps with what other companies call Barium or Winnti, which are related groupings of Chinese-speaking hackers. Sometime after 2012, the group now labeled APT41 expanded from money-making campaigns to activity that was likely state-backed, according to FireEye. They then maintained a balance between their state-sponsored work and the financially-motivated moonlighting.
