A Chinese hacker group has been conducting a spy campaign for five years cyberspace aimed at Asian governments. The Chinese hacker group, known as Naikon, has targeted various countries such as Australia, Indonesia, the Philippines, Vietnam, Thailand, Myanmar and Brunei, according to Check Point. In particular, Naikon targets the Ministries of Foreign Affairs, Science and Technology, as well as government organizations, aiming to gather geopolitical information.
Security researchers discovered Naikon in 2015. However, she said Check Point The traces of this group of hackers have now been lost and so there is no new information or reports about any of its activities. The hacker group has been active for the past five years, but has intensified its activities espionage in cyberspace in 2019 and the first quarter of 2020.
It is unknown at this time what he will do after leaving the post. However, the Threatconnect , a security company based in Washington, D.C., released a report in 2015 stating that the hacker group was a unit of the Chinese People's Liberation Army (PLA). Its Ministry of Foreign Affairs China did not comment on the matter. According to CNBC, Naikon is trying to infiltrate a government agency and use the information it will be able to extract, such as contacts and documents, to attack other services of the country's government. Check Point began investigating the case after finding one emails which contained a malicious document.
When this document is opened, it penetrates a user's computer and attempts to download a malware called "Aria-body". This allows hackers to obtain remote access on this computer or network, bypassing security measures. The team uses the so-called spear-phishing, where it sends an email with the infected document that appears to come from a trusted source. In addition, hackers can create a fake email using information they have extracted from previous successful attacks, while once inside a network, they can launch further attacks.