Chinese state-sponsored cyber espionage threat group identified

Last Updated: Thu, Aug 08, 2019 11:21 hrs
Cyber Security (Image Courtesy: theconversation.com)

New Delhi: A new Chinese state-sponsored cyber espionage threat group named "Double Dragon" or "APT41" that is conducting financially-motivated activity for personal gain has been identified by cybersecurity company FireEye.

The group's activity traces back to 2012 when individual members of "APT41" conducted primarily financially-motivated operations focused on the video game industry before expanding into likely state-sponsored activity.

"Over the last seven years, 'APT41' has targeted organisations in 14 countries, out of which India has also been a prime target. Rest of the countries span across Asia Pacific, European, African and American regions," the cybersecurity company said in a statement.

The threat group is known to use its access to production environments to inject malicious code into legitimate files which are later distributed to victim organisations.

Espionage operations occurred while the group was still carrying out financially-motivated campaigns, including longer-term intrusions which typically extended for more than a year, FireEye added.

In one instance, "APT41" was attempting to steal data from a healthcare target while also attempting to deploy ransomware at a video game studio.