Facebook unmasks Vietnam’s APT32 hacking group


Level 84
Thread author
Top poster
Content Creator
Malware Hunter
Aug 17, 2014
The Facebook security team has revealed today the real identity of APT32, a Vietnam-backed hacking group active in cyberespionage campaigns targeting foreign government, multi-national corporations, and journalists since at least 2014.

The APT32 nation-state hackers were linked to Vietnamese IT firm CyberOne Group in a report published earlier today by Nathaniel Gleicher, Facebook's Head of Security Policy, and Mike Dvilyanski, Cyber Threat Intelligence Manager.

"Our investigation linked this activity to CyberOne Group, an IT company in Vietnam (also known as CyberOne Security, CyberOne Technologies, Hành Tinh Company Limited, Planet and Diacauso)," they said.
"As our industry partners have previously reported, APT32 has deployed a wide range of adversarial tactics across the internet. We have been tracking and taking action against this group for several years."

After making the connection between the APT group and the Vietnamese IT firm, Facebook added all associated domains with the two entities to a global block list to prevent them from being shared on the social network.

Facebook also removed all accounts associated with the group from its platform and notified the individuals that may have been targeted by APT32.

Users who are viewing this thread