Chinese hacking group tries to disrupt Xi-Trump meet

By Balamurugan Selvaraj Published on Apr 08, 2017 05:38 PM IST

On Wednesday, the security firm Fidelis Cybersecurity released a report on a malware attack carried out last February against a private trade group, the National Foreign Trade Council (NFTC).

The attack was made on the official events page by a Chinese hacking group, 'Chinese APT10', ahead of the Trump-Xi trade summit. It is reported that this attack was meant to threaten and also spy on major industry players such as Microsoft and Coca-Cola.

There were also rumours that the attack was aimed at stealing data related to the summit held on Thursday between US President Donald Trump and his Chinese counterpart Xi Jinping.

The attack, dubbed 'Operation Trade Secret', was conducted to spy on major industries and lobbyists related to the NFTC and the US trade council.

Researchers said, "Through this operation, researchers implanted a malicious link on the website and asked the directors and other officials of NFTC to register for the meeting on 7 March in Washington DC. In this operation, hackers used a spy tool, 'Scanbox', which has a history of nationwide threat made by some violators who are associated with the Chinese government in 2014."

At the time, using this spy tool, they gathered details about targeted users' software, such as usage and version type, and ran keyloggers on their PCs.

According to the Fidelis report, the attack on the NFTC website did not yield any details to the attackers. "This attack was a reconnaissance and anyone who visited this calendar entry would expose their software versions and use a JavaScript keylogger that could expose their identity," said John Bambenek, a security researcher at Fidelis Cybersecurity.

Earlier, these attackers identified targets that were vulnerable. The malicious link was present between 27 February and 1 March, and NFTC officials removed it after Fidelis researchers complained.

Fortunately, the trade summit between Xi and Trump concluded without any interference by these hackers. According to Reuters, this Chinese hacking group also attacked government and commercial targets in Europe. FireEye researcher John Hultquist said, 'Heavy industries in Nordic countries are often hacked by Beijing hackers for their priorities.'