Despite Anti-Spying Pact, Chinese Hackers Continue to Attack US Targets

Status
Not open for further replies.
Exterminator

Exterminator

Community Manager
Thread author
Verified
Staff Member
Well-known
Oct 23, 2012
12,527
Content source
http://news.softpedia.com/news/despite-anti-spying-pact-chinese-hackers-continued-to-attack-us-targets-494822.shtml
Chinese attacks resumed one day after the pact was signed
The US and China anti-spying pact did not yield the desired results for some US companies, which, despite the pompous White House announcement, have yet to see a stoppage of attacks from known Chinese-sponsored hacking groups.

While only a week ago we were reporting on some arrests made by the Chinese government among its own cyber-intelligence forces, the situation is not as rosy as we were led to believe.

According to US cyber-security vendor CrowdStrike Inc., attacks from Chinese hackers were recorded on a regular basis before, during, and after the Obama-Xi presidential meeting, and the subsequent announcement of the US-Chinese anti-spying agreement.

CrowdStrike gathered this information with the help of its CrowdStrike Falcon security platform, installed on the IT infrastructure of multiple Fortune 500 companies.

Attacks were recorded one day after the anti-spying pact was signed
As the security vendor is reporting, on September 26, a day after the anti-spying pact was announced, known Chinese-sponsored hackers tried to infiltrate the network of a US company activating in the technology field.

The attacks slowly continued in the ensuing days, and CrowdStrike recorded multiple attempts on five tech companies and two firms from the pharmaceutical sector.

These attacks were intentionally constructed, aimed and carried out so they would allow attackers to exfiltrate valuable intellectual property from the target's servers, something expressly prohibited by the official US-China agreement.

Attribution to Chinese state-sponsored hacking groups was easy
CrowdStrike says that the MO of these attacks followed previously recorded patterns employed by Chinese spying groups in the past, meaning the hackers relied on compromising Web servers, and then, using SQL injections, gaining access to a company's internal network via the China Chopper webshell.

The PlugX and Derusbi malware strands were also detected in some of the attacks, both known tools used by Chinese-sponsored hackers in the past.

"So does this evidence of ongoing intrusions into the commercial sector from China indicate the failure of the U.S.-China cyber agreement?" asks Dmitri Alperovitch, CrowdStrike Co-Founder and CTO. "That depends on what we do about it, and how long the current situation persists."

Many security and cyber-espionage experts have warned that the attacks might not stop and that this pact is just for show, but as Mr. Alperovitch has highlighted, the success of this agreement now resides solely in the response the US government gives to Chinese authorities after the recent incidents.
Click to expand...
 
  • Like
Reactions: Maikuolan, upnorth and Cats-4_Owners-2
upnorth

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,459
Thats surprising...

Q8LuuGNz.jpg

:D
 
Status
Not open for further replies.

Similar threads

Bot
    • Applause
    • Like
Security News DOJ Indicts Chinese Nationals Belonging to Chinese State-Backed Hacking Group APT31
Replies
0
Views
853
Security News
Bot
Bot
[correlate]
    • Like
Mandiant details Chinese cyber espionage hackers evolve stealth tactics to avoid detection
Replies
0
Views
941
News Archive
[correlate]
[correlate]
[correlate]
    • Like
    • Wow
    • HaHa
Japan’s cyber security agency suffers months-long breach
Replies
6
Views
1,109
News Archive
Sandbox Breaker
Sandbox Breaker

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top