State-backed Chinese hacking groups have infiltrated at least five global telecom companies and stolen phone records and location data, according to cybersecurity researchers.
The hacking groups ran a campaign in Southeast Asia from 2017 to 2021, in some cases exploiting security vulnerabilities in Microsoft Exchange servers to gain access to carriers' internal systems, according to a new report from US-based Cybereason.
Lior Div, CEO of Cybereason, says the hackers obtained the "holy grail of espionage" by taking full control of the communications networks they hacked. Cybereason named the groups as Soft Cell, Naikon and Group-3390.
“State-sponsored espionage not only negatively affects t .’s customers and business partners' communications, but also has the potential to threaten the national security of countries in the region and those with vested interests in the region’s stability.”
The Chinese Foreign Ministry said on Wednesday that the report “exaggerates the political rumours” created by the United States and its allies and is “made out of thin air.” The department also urged relevant US security companies to “pay more attention to cyber attacks by US government hackers against China and other countries.”
A Microsoft spokesperson said the company had not yet seen the report, and therefore declined to comment.
Div declined to name the specific companies or countries where the hackers made intrusions, although the report said they were targeting telecom companies in some Southeast Asian countries that have longstanding disputes with China. He also cited an earlier investigation by cybersecurity firm Check Point Software Technologies Ltd that found that one of the hacking groups had previously targeted government ministries of foreign affairs, science and technology, as well as state-owned companies in countries such as Indonesia and the United Kingdom.
It is likely that the intent of the hackers was to obtain information on companies, political figures, government officials, law enforcement agencies, political activists and dissident factions of interest to the Chinese government, according to Cybereason investigators. However, the security firm concluded that hackers also have the ability to shut down or disable networks if they choose to change their priorities from spying to interfering.
Cybereason found that the hackers were “highly sophisticated and adaptable,” constantly circumventing security measures. One group was observed hiding its malware in recycle bin folders on computers. Another group masqueraded as anti-virus software and also used a South Korean media player called “PotPlayer” to infect computers with a keylogging tool that recorded what users were typing.
In some cases, the hackers accessed telecom networks by exploiting security vulnerabilities in Microsoft Exchange servers. Hackers affiliated with the group known as Soft Cell were exploiting some of the vulnerabilities at least three months before Microsoft publicly revealed them in March 2021, according to Cybereason.
The security firm’s findings follow accusations by the US and UK governments, which on July 19 blamed actors tied to the Chinese government for a series of global attacks on Microsoft Exchange servers. “The Chinese government must put an end to this systematic cyber sabotage and can expect to be held accountable if it does not,” British Foreign Secretary Dominic Raab said in a statement.