
Chinese Government Contractor Identified as Cyber-Espionage Group APT3


CrAKeN


 

An anonymous group known as Intrusion Truth has published evidence that links an intelligence contractor working with the Chinese government to cyber-attacks that have been carried out by a cyber-espionage group known in the infosec community as APT3.

 

Intrusion Truth's findings — posted online between the end of April 26 and May 9 — were confirmed and validated yesterday by Recorded Future, a well-respected threat intelligence security firm.

 

Boyusec is APT3


The blog posts published by Intrusion Truth [1, 2, 3, 4] reveal that Wu Yingzhuo and Dong Hao, shareholders at Boyusec — the Guangzhou Boyu Information Technology Company, Ltd — have registered many of the domains used in the infrastructure detected in past APT3 attacks.

 

APT3 is a nefarious hacking group that has been active since 2010. The group — also identified in the reports of various cyber-security firms as UPS, Gothic Panda, and TG-011 — has been tied to the theft of intellectual property from private businesses, but also to cyber-espionage with substantial political implications.

 

Past reports [1, 2, 3, 4] have tied the group to hacks all over the world, but most often in Hong Kong and the US.

 

Boyusec is a contractor for the Chinese government


According to Intrusion Truth and Recorded Future, Boyusec is just one of the many cyber-security contractors the Chinese government is using to support its cyber-intelligence gathering operations.

 

The two say Boyusec reports to the Guangdong Information Technology Security Evaluation Center (or Guangdong ITSEC), which is a local branch of the China Information Technology Evaluation Center (CNITSEC), an organization run by the Chinese Ministry of State Security (MSS). This hierarchical structure is well known and has been exposed before.

 


 

In its report, Recorded Future says it stands by its attribution of APT3 activity to Boyusec "with a high degree of confidence."

 

The Pentagon knew


Finding Boyusec tied to APT3 activity is not a surprise. In November 2016, a Pentagon report unearthed a backdoor in equipment jointly developed between Boyusec and Huawei.

 

According to the Pentagon's Joint Staff J-2 intelligence directorate, US analysts also believe Boyusec was tied in some form or another to the Chinese government.

 

"[Boyusec is] closely connected to the [Ministry of State Security] and Huawei and they are developing a start-up program that will use malware allowing for capturing and controlling devices," the report read.

 

In the autumn of 2015, the US and China signed a pact that would restrict hacking between the two countries only to cyber-espionage operations, safeguarding private businesses. Following that pact, China's cyber-activities targeting the US have slowed down. In the past year, APT3 activity has been detected in Hong Kong, mainly aimed at activists supporting Hong Kong's political independence from China.

 

Source


I really love what China is doing. Nobody can beat them in cyber space.

 

US is like: "come on China, please give us a break, let's sign this paper together... dude, just hack our government and leave the little sectors alone cuz they already have problems themselves."
