Chinese Hacker Group Aoqin Dragon Went Unnoticed For 10 Years

✨ Megiddo

The main purpose of the group is cyber espionage.


Security researcher Joey Chen of Sentinel Labs has uncovered a decade-long malware campaign run by a single Chinese hacker group.

The group, which Chen named Aoqin Dragon, specializes in cyber espionage and mainly attacks targets in Australia, Cambodia, Hong Kong, Singapore and Vietnam. The attackers trick the victim into opening a malicious Word document that installs the Mongall backdoor or a modified version of the Heyoka open source project on the system.

Over the years, hackers have used different themes for malicious documents. Sometimes these were regional political topics, and sometimes pornographic content.

In some cases, fake removable media was first installed on the victim's system, and clicking on it installed the malware. Fake antivirus applications are another tool in the group's arsenal.

After compromising a system, the hackers try to gain further access to the network in order to obtain useful information.

The victims of Aoqin Dragon are government organizations, educational institutions and telecommunications companies. In choosing targets for attacks, the group is guided by the interests of the Chinese government.

China is often accused of using dishonest means to obtain confidential information from the private sector and government organizations. Chen believes that Aoqin Dragon will continue to move in this direction.

“We estimate that it is likely that they will also continue to improve their skills, finding new methods of evading detection and staying longer in the attacked network,” the researcher said.