Cybersecurity researchers have revealed that a Chinese hacking group is allegedly conducting “ongoing” espionage operations on foreign governments across Asia.
Spotted by Israeli cybersecurity firm Check Point, the hacker group known as “Naikon” is attacking governments in Australia, Indonesia, Philippines, Vietnam, Thailand, Myanmar and Brunei — targeting foreign affairs, science and technology ministries with an aim to gather “geopolitical intelligence,” reports Engadget.
“Naikon’s primary method of attack is to infiltrate a government body, then use that body’s contacts, documents and data to launch attacks on others, exploiting the trust and diplomatic relations between departments and governments to increase the chances of its attack succeeding,” elaborated Check Point.
Another report in 2015 by a Washington-based security company called ThreatConnect had claimed that the group Naikon was a unit of the Chinese People’s Liberation Army (PLA).
The group has been very active during the last five years, especially in 2019-20.
“We’ve published this research as a warning and resource for any government entity to better spot Naikon’s or other hacker group’s activities,” said Check Point.
Naikon uses spear-phishing method where it sends an email with the infected document that looks like it comes from a trusted source.
“What drives them is their desire to gather intelligence and spy on countries, and they have spent the past five years quietly developing their skills and introducing a new cyber-weapon with the Aria-body backdoor,” Lotem Finkelsteen, manager of threat intelligence at Check Point, said in a statement.