Bloomberg

Cyberespionage attacks against foreign companies operating in Vietnam have been traced to a group of hackers “aligned with Vietnamese state interests,” according to a report by cybersecurity provider FireEye.

The attacks by the group — designated by FireEye as APT32 — have been conducted since at least 2014, mainly targeting companies operating in the manufacturing, consumer products and hospitality sectors, FireEye said in the report released on Sunday.

The group has also targeted foreign governments, dissidents and journalists, it said.

“The unauthorized access could serve as a platform for law enforcement, intellectual property theft, or anti-corruption measures that could ultimately erode the competitive advantage of targeted organizations,” the report said.

APT32 conducted the attacks by leveraging files that use social-engineering methods to entice victims, FireEye said.

The files then download malicious payloads from remote servers, with further attacks delivered via “phishing” e-mails, it said.

The group is also targeting security, technology infrastructure and consultancy companies, FireEye said, adding that APT32 continues to threaten political activism and free speech in Southeast Asia.

“Governments, journalists and members of the Vietnam diaspora may continue to be targeted,” the report said.

According to the report, examples of the attacks by APT32 include a European corporation compromised in 2014 prior to constructing a manufacturing facility in Vietnam; Vietnamese and foreign-owned corporations targeted last year; and Vietnamese offices of a global consulting firm attacked this year.

“While actors from China, Iran, Russia and North Korea remain the most active cyberespionage threats tracked and responded to by FireEye, APT32 reflects a growing host of new countries that have adopted this dynamic capability,” it said.

The report comes as a new wave of ransom threats hit more than 200,000 computers in at least 150 countries, affecting companies and government agencies from the US to Europe to Asia.

The malware used a technique purportedly stolen from the US National Security Agency.