Detects hackers attacking networks in Southeast Asian governments

Sky Nguyen 15/05/20 01:46pm nguồn bình luận 999

A- A A+

A cyber attack campaign lasted 5 years conducted by a group of hackers called Naikon, aimed at national governments in Southeast Asia and Australia, has been discovered.

Detects hackers attacking networks in Southeast Asian governments — Countries targeted by Naikon hacker group according to Check Point report

Security research firm Check Point Software Technologies (Israel) has discovered a cyberattacking campaign carried out by a group of hackers called Naikon, targeting governments in Southeast Asia and Australia.

Check Point said Naikon’s cyber-attacks have been taking place for at least the past five years, targeting governments of countries including Vietnam, Thailand, Myanmar, Brunei, Philippines, Indonesia and Australia. through "government to government" attacks.

According to Check Point, Naikon’s method of attack is to gain access to a country’s government agency through security breaches, then use contact information, documents and data to impersonate. name the agency, and then launch phishing attacks against other governments.

In this way, Nikon took advantage of the trust and diplomatic relations between national government agencies to increase the chances of success for its attacks.

In its newly released report, Check Point said it began the investigation after finding an email sent from the government embassy of a country in the Asia-Pacific region to the agency. of the Australian government, inside is attached a file called "The Indians Way.doc" containing malicious code.

“The text file with this malicious code will automatically install a file into the startup folder on the victim’s Word software, then quietly download and install additional malware from the server due to the news. hackers control, ”Check Point said in its report.

Check Point said the Naikon hacker group specifically targets government agencies related to foreign affairs, science and technology, as well as government-owned companies. The target of this group of hackers is said to be related to politics and to collect intelligence.

“This group of hackers spent five years silently developing their offensive skills against government agencies. In order to evade detection, the hacker group used the victim’s own server system as a command and control center, instead of using a separate server system outside, ”Lotem Finkelsteen, Check Point’s intelligence threats manager said. "We publish this report as a warning to government agencies to take care of Naikon and other hackers’ activities."

The Naikon hacker group was first caught on the radar when Kaspersky Security (Russia) experts discovered the group’s activities in 2010, launching cyber attacks against key agencies. cover of Southeast Asian nations.

However, since 2015, Naikon suddenly became silent and showed no signs of working until the Check Point "unmasked" in the newly published report.

Nguồn Tin: