Monday, February 22, 00:36
Home security The Chinese APT team FunnyDream has targeted over 200 systems

The Chinese APT team FunnyDream has targeted over 200 systems

A new Chinese state hacking Group (APT) has infected me malware more than 200 systems throughout Southeast Asia in the last two years. According to its security researchers Bitdefender, The attacks/ these infections are part of a espionage campaign in cyberspace. The Chinese team behind them has been named FunnyDream.

FunnyDream

The attacks mainly target governments of Southeast Asia. Bitdefender did not say exactly which countries were affected. However, a few months ago, the Kaspersky Lab had found FunnyDream victims in Malaysia, Taiwan, the Philippines and Vietnam (where most of them were victims).

Both security companies claim that the Chinese APT team FunnyDream is still active in the field of cyber espionage, with the aim of theft of sensitive documents from infected Appliances. In fact, η espionage focuses on national issues security and industry-related issues.

Similar attacks were discovered in 2018

According to Bitdefender researchers, most of these attacks have followed a simple pattern and combine three malware payloads: Chinoxy, PCShare and FunnyDream (the malware from which the group got its name).

The three malware serve different purposes. The Chinoxy is the original malware, what it works as backdoor to make the initial access. The following follows PCShare (known Chinese open-source remote access trojan), which is developed through Chinoxy and used to exploration of infected devices. Finally, the FunnyDream. It is the most powerful of the three malware. According to researchers, it has many advanced features and capabilities that allow it to collect and steal data.

APT team

"Looking at the tool usage schedule we can see that criminals started developing a set of tools designed for quick exploration and extraction data, and later decided to bring a complete toolkit, namely the FunnyDream toolkit, so that there is a possibility long-term monitoring"Liviu Arsene, security researcher at Bitdefender, told ZDNet.

According to the researcher, many infections of government infrastructure have been identified, aimed at espionage and most likely have a political motivation.

"Considering that Southeast Asia faces many economic and trade issues, related to the shift of supply chains from China to Southeast Asia, as well as relations USA-China, these infections may be part of Chinese campaigns targeting Southeast Asian government agencies for possible espionage", Said the researcher and added that some countries in the region had recent elections, which brought changes in governance. These changes interest her China. The government could use a state-sponsored hacking group to see if local regimes align themselves ideologically and politically with China's interests.

Source: ZDNet

LEAVE ANSWER

Please enter your comment!
Please enter your name here

Digital Fortress
Digital Fortresshttps://www.secnews.gr
Pursue Your Dreams & Live!

LIVE NEWS

How to make a Facetime Audio call

Tired of low quality cell phone calls? Thanks to FaceTime, you can make high-resolution calls if you use iPhone, iPad, ...

How to add special effects to Instagram messages

Did you know that you can make instant Instagram messages more impressive? Like any other Instagram feature, you can add special ...

Only 270 addresses are responsible for 55% of all money laundering

Cybercriminals who keep their money in cryptocurrencies tend to "launder" money through a small set of online services, according to ...

Twitter: Voice messages are coming! How do we send them?

Twitter will soon support voice messages in both iOS and Android applications. This means that you will be able to send ...

How to connect a Bluetooth headset to a Nintendo Switch

The Nintendo Switch has a headphone jack. However, most headphones have become wireless so you will need a way to connect them ...

How to hide your phone number in Telegram

If you wish to create a Telegram account, you must provide your telephone number. In this way, Telegram validates the ...

Google Assistant: How can you delete your recordings?

Google Assistant can make your daily life much easier. However, it also involves some privacy issues, as ...

Microsoft: Office 2021 / Office LTSC coming in the second half of 2021

Microsoft announced that the Microsoft Office Long Term Service Channel (LTSC) and Office 2021 will be released in 2021, for ...

How to quickly create QR codes with Bing

If you ever need to create a QR code, but you do not know how, Microsoft has an easy-to-use tool available in any program ...

Brave: Onion addresses leaked to DNS traffic

The Tor function included in the Brave web browser, allows users to access .onion dark web domains within ...