Security firm links cyber spy campaign to Chinese hacker

March 30, 2012
Tokyo-based computer security firm Trend Micro on Friday said it linked a hacker in China to a "cyber espionage" campaign targeting India, Japan, and Tibetans.

Tokyo-based computer security firm Trend Micro on Friday said it linked a hacker in China to a "cyber espionage" campaign targeting India, Japan, and Tibetans.

A Chinese hacker whose nicknames include "Dang0102" and "scuhkr" was involved in online spying to steal , spy on Tibetan activists and mine information from players in the energy, shipping and .

"The Luckycat campaign attacked a diverse set of targets using a variety of malware, some of which have been linked to other cyber-espionage campaigns," Trend Micro said in a research paper.

"We were able to track elements of this campaign to hackers based in China."

Luckycat has been going on at least since June of 2011 and has been linked to 90 in Japan and India and on Tibetan activists, according to Trend Micro.

Cyber spies compromised 233 computers, usually by tricking users into opening links or files booby-trapped with crafted to let hackers continually loot information, the security company said.

The pinpointed Luckycat hacker has published posts in a notorious XFocus online forum and recruited peers to join a network attack and defense project at the Sichaun University Information Security Institute, according to Trend Micro.

Trend Micro refused to comment on reports that the hacker was a former graduate student who works for China's leading Internet portal Tencent.

The report did not directly implicate the Chinese government, but believed that the style of the attacks and the types of targets indicated state-sponsored spying.

"Unlike largely indiscriminate attacks that focus on stealing credit card and banking information associated with cybercrime, targeted attacks noticeably differ and are better characterized as cyber espionage," Trend Micro said.

Explore further: Cyberattacks also targeted Gmail rivals: Trend Micro

Related Stories

'No leak of key info' in Mitsubishi cyber attack

September 20, 2011

Japan's defence minister on Tuesday said cyber attackers who breached security at defence contractor Mitsubishi Heavy Industries had not got their hands on any sensitive data.

New cyber attack on Japan parliament

November 2, 2011

Japan's parliament has come under cyber attack again, apparently from the same emails linked to a China-based server that have already hit several lawmakers' computers, an official said Wednesday.

Recommended for you

'Droneboarding' takes off in Latvia

January 22, 2017

Skirted on all sides by snow-clad pine forests, Latvia's remote Lake Ninieris would be the perfect picture of winter tranquility—were it not for the huge drone buzzing like a swarm of angry bees as it zooms above the solid ...

Singapore 2G switchoff highlights digital divide

January 22, 2017

When Singapore pulls the plug on its 2G mobile phone network this year, thousands of people could be stuck without a signal—digital have-nots left behind by the relentless march of technology.

Making AI systems that see the world as humans do

January 19, 2017

A Northwestern University team developed a new computational model that performs at human levels on a standard intelligence test. This work is an important step toward making artificial intelligence systems that see and understand ...

1 comment

Adjust slider to filter visible comments by rank

Display comments: newest first

seilgu
not rated yet Mar 31, 2012
Isn't Trend Micro a Taiwanese company?

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.