Security firm links cyber spy campaign to Chinese hacker

Mar 30, 2012
Tokyo-based computer security firm Trend Micro on Friday said it linked a hacker in China to a "cyber espionage" campaign targeting India, Japan, and Tibetans.

Tokyo-based computer security firm Trend Micro on Friday said it linked a hacker in China to a "cyber espionage" campaign targeting India, Japan, and Tibetans.

A Chinese hacker whose nicknames include "Dang0102" and "scuhkr" was involved in online spying to steal , spy on Tibetan activists and mine information from players in the energy, shipping and .

"The Luckycat campaign attacked a diverse set of targets using a variety of malware, some of which have been linked to other cyber-espionage campaigns," Trend Micro said in a research paper.

"We were able to track elements of this campaign to hackers based in China."

Luckycat has been going on at least since June of 2011 and has been linked to 90 in Japan and India and on Tibetan activists, according to Trend Micro.

Cyber spies compromised 233 computers, usually by tricking users into opening links or files booby-trapped with crafted to let hackers continually loot information, the security company said.

The pinpointed Luckycat hacker has published posts in a notorious XFocus online forum and recruited peers to join a network attack and defense project at the Sichaun University Information Security Institute, according to Trend Micro.

Trend Micro refused to comment on reports that the hacker was a former graduate student who works for China's leading Internet portal Tencent.

The report did not directly implicate the Chinese government, but believed that the style of the attacks and the types of targets indicated state-sponsored spying.

"Unlike largely indiscriminate attacks that focus on stealing credit card and banking information associated with cybercrime, targeted attacks noticeably differ and are better characterized as cyber espionage," Trend Micro said.

Explore further: Twitter blocks two accounts on its Turkish network

add to favorites email to friend print save as pdf

Related Stories

New cyber attack on Japan parliament

Nov 02, 2011

Japan's parliament has come under cyber attack again, apparently from the same emails linked to a China-based server that have already hit several lawmakers' computers, an official said Wednesday.

Recommended for you

LinkedIn membership hits 300 million

Apr 18, 2014

The career-focused social network LinkedIn announced Friday it has 300 million members, with more than half the total outside the United States.

Researchers uncover likely creator of Bitcoin

Apr 18, 2014

The primary author of the celebrated Bitcoin paper, and therefore probable creator of Bitcoin, is most likely Nick Szabo, a blogger and former George Washington University law professor, according to students ...

White House updating online privacy policy

Apr 18, 2014

A new Obama administration privacy policy out Friday explains how the government will gather the user data of online visitors to WhiteHouse.gov, mobile apps and social media sites. It also clarifies that ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

seilgu
not rated yet Mar 31, 2012
Isn't Trend Micro a Taiwanese company?

More news stories

Students take clot-buster for a spin

(Phys.org) —In the hands of some Rice University senior engineering students, a fishing rod is more than what it seems. For them, it's a way to help destroy blood clots that threaten lives.

Finnish inventor rethinks design of the axe

(Phys.org) —Finnish inventor Heikki Kärnä is the man behind the Vipukirves Leveraxe, which is a precision tool for splitting firewood. He designed the tool to make the job easier and more efficient, with ...

First steps towards "Experimental Literature 2.0"

As part of a student's thesis, the Laboratory of Digital Humanities at EPFL has developed an application that aims at rearranging literary works by changing their chapter order. "The human simulation" a saga ...