China-based Internet Spying Group Hacking for Indian Intelligence

According to FireEye, a major network security firm in USA, one sophisticated Internet spying gang assumed as located in China has been exploiting poorly working cyber-defenses of India for hacking into computer systems of academic institutions and government agencies so as for filching critical diplomatic data, published washingtonpost.com dated August 20, 2015.

FireEye further alleges that the gang, during 2011-2014, even waged assaults against several Southeast and South Asian nations along with certain Tibetan activists not residing in China.

Apparently, the gang is waging assaults to especially steal information regarding India as well as the country's border conflicts going on with neighboring nations.

According to Chief Technology Officer Bryce Boland in-charge of Asia Pacific for FireEye, the hacking gang quite likely is Chinese, reports washingtonpost.com.

The news may quite increase mistrust between India and China the two nation states with the maximum population in Asia that were at war during 1962 as well as remain in dispute regarding much areas of mutual boundary extending 2,500 miles.

Sending spear-phishing e-mails targeted at chosen victims, the espionage gang resorted to Microsoft Word files attached to the messages supposedly having details regarding regional diplomatic problems.

A script with the name WATERMAIN was included in the attachments which when viewed would contaminate the end-user's PC to enable a 'backdoor' access for the attacker.

Previously during April 2015, the same assaults became noticeable to security researchers, approximately one month before Narendra Modi the Prime Minister of India made his debut official trip to China.

Moreover according to Boland, the China-based APT gangs continue to maintain their chief strategic goal as garnering intelligence related to India, while the above kind of assaults against India as well as its neighboring states indicate an increasing interest by them in the country's overseas matters. Thus organizations require doubly enhancing their cyber protection initiatives while making sure they can stop, identify as well as tackle the assaults for self protection, Boland adds. Sys-con.com reported this, August 21, 2015.

Meanwhile as per FireEye, during 2011-14, the current attack gang utilized WATERMAIN for targeting more than a hundred victims, with about 70% from within India.

» SPAMfighter News - 8/26/2015