Chinese state-sponsored hackers attacking crypto firms

  • The Chinese government is working with the hacker group APT41 to attack various industries.
  • The financially motivated hacker group is tasked with gathering intelligence.

According to a recent report by FireEye, Chinese state-sponsored hackers are attacking many companies, including crypto firms. A hacking collective called APT41 is carrying out the attacks. This group, which was previously involved in breaching the security of video game companies for financial gain, is now working alongside the Chinese government.

The report stated that, apart from crypto firms, the hackers are targeting other industries such as healthcare, high technology (semiconductors, batteries, and electric vehicles), media, pharmaceuticals, retail, software, telecommunications and travel services. According to FireEye, the hacker group “targets industries in a manner generally aligned with China’s Five-Year economic development plans.” The group is also tasked “to gather intelligence ahead of imminent events, such as mergers and acquisitions and political events.”

FireEye also found code similarities between the malware used by the hackers to target a US-based gaming development studio in 2016 and the malicious programs used to target supply chain companies in the next two years. The report said:

“Unlike other observed Chinese espionage operators, APT41 conducts explicit financially motivated activity, which has included the use of tools that are otherwise exclusively used in campaigns supporting state interests. The late-night to early morning activity of APT41’s financially motivated operations suggests that the group primarily conducts these activities outside of their normal day jobs.”
