The United States Justice Department has charged three Chinese nationals for allegedly hacking Moody’s Analytics economist, German electronics manufacturer Siemens, and GPS maker Trimble, and stealing gigabytes of sensitive data and trade secrets.
According to an indictment unsealed Monday in federal court in Pittsburgh, Pennsylvania, the three men worked for a Chinese cybersecurity company, Guangzhou Bo Yu Information Technology Company Limited (Boyusec), previously linked to China’s Ministry of State Security.
Earlier this year, security researchers also linked Boyusec to one of the active Chinese government-sponsored espionage groups, called Advanced Persistent Threat 3 (or APT3), which is also known as Gothic Panda, UPS Team, Buckeye, and TG-0110.
In 2013, APT3 allegedly stole the blueprints for ASIO’s new Canberra building using a piece of malware that was uploaded to an ASIO employee’s laptop.
According to the indictment, the three Chinese nationals—identified as Wu Yingzhuo, Dong Hao, and Xia Lei—launched “coordinated and unauthorized” cyber attacks between 2011 and 2017, and successfully steal information from a number of organizations by compromising their accounts.
The trio of hackers has alleged to have attacked Moody’s Analytics, Siemens, and Trimble by sending spear-phishing emails with malicious attachments or links to malware.
The men also used customized tools collectively known as the ‘ups’ or ‘exeproxy’ malware to gain unauthorized, persistent access to the targeted companies’ networks, allowing them to search for and steal confidential business information and user credentials.
To read the origial article :