Chinese Hackers Pose Cyber Threat for Japan, India, and Tibet

According to a Tokyo-based Computer Security Firm, Trend Micro, a recent hacking activity has been uncovered in China targeting India, Japan, and Tibet.

A Chinese programmer with nicknames containing the words "Dang0102" and "scuhkr" were involved in this hacking activity and spied for stealing military secrets, also detect activists by the Tibetans and provide information from players into the energy, shipping, and aerospace industry.

According to the revelation of a research paper by Trend Micro, the campaign called as 'Luckycat' employed a variety of malwares for setting the targets. Some of the malwares used in this attempt are even linked to other similar cyber-espionage campaigns.

According to Trend Micro, Luckycat mission had been active since June 2011, and as of now has been associated with 90 online attacks in Japan, India and upon the Tibetan activists.

This espionage campaign took a toll of 233 computers, either by trapping users into clicking the derogatory links or files trapped with malware allowing hackers to continue their attempt of looting.

However, researchers opined that China might employ people outside the government for accomplishing the hacking operations. Apparently, Trend Micro were astounded to find malware used during the Luckycat attempt showed similarity with the campaign called Shadownet, which is a fair indication of the two being inter-related. Shadownet has been claimed to have victimize Tibetan activists and the Indian Government too.

The commonality of these campaigns lies in sending forged e-mails to the recipients and making them click on an infected attachment through the mail. The clicking of this attachment invites all vulnerabilities through softwares like Microsoft Office and Adobe. On being connected to the hacker's server, extra code is being installed for establishing control over the system.

All these attempts hints towards the aggressive intention of the hackers that seems to be hysterically and continual. Trend Micro in its report highlighted these attacks as a campaign comprising a series of continual attack over time.

Trend Micro further claims that to ensure better safety and protection, enterprises are required to use a mixed technology and education strategy. Other than patch management, endpoint, and network security, organizations are recommended to focus on detecting and extenuating these attacks.

Conclusively, an enterprise's cyber security is justifiable only with equally competent employees. People when accustomed to potential attacks should know the ways of positioning themselves and report potential threats. Thus, people can become an equally important source of threat intelligence.

Related article: Chinese Hackers Threatening Korean Game Sites

» SPAMfighter News - 4/11/2012