MANILA, Philippines – Cybersecurity firm FireEye suspects that a group of hackers sponsored by the Chinese government has been conducting financially-motivated activities targeting the video game industry.
According to FireEye’s report, the hacker group it calls Advanced Persistent Threat 41 (APT41) used non-public malware typically reserved for espionage campaigns in its operations.
The group is said to have employed different high-level tactics to compromise software supply chains, which allowed them to inject malware into legitimate files that were later distributed to their victims through game updates.
They also use other tactics such as spear-phishing and deploying bootkits to gain access to development environments. Once inside, the hackers manipulate the virtual currency of the game for their personal gain and deploy ransomware to collect money from victims.
FireEye, however, noted that while the group infects thousands of systems in their operations, only specific individuals are targeted by the attacks.
APT41 was reportedly responsible for the recent supply chain compromises targeting Asus and the CCleaner utility, among others. They also conducted cyberespionage for the Chinese government.
The group is believed to have gone after companies in the pharmaceutical, healthcare, retail, education, and cryptocurrency industries in at least 14 countries including France, Singapore, and the US, to name a few.
FireEye claims they have been active since 2012, but their motivations only became apparent in 2014.
Chinese officials did not respond to Reuters when asked for a comment, but Beijing has on numerous occasions denied Western accusations of cyberespionage. – Rappler.com