APT1

Pierluigi Paganini October 19, 2018
Attackers behind Operation Oceansalt reuse code from Chinese Comment Crew

Security researchers from McAfee have recently uncovered a cyber espionage campaign, tracked as Operation Oceansalt, targeting South Korea, the United States, and Canada. The threat actors behind Operation Oceansalt are reusing malware previously associated with China-linked cyberespionage group APT1. “McAfee Advanced Threat Research and Anti-Malware Operations teams have discovered another unknown data reconnaissance implant targeting Korean-speaking users.” reads the report. “We […]

Pierluigi Paganini October 16, 2014
Security Companies united against the Hidden Lynx APT and its weapons

Principal security firms united in a joint effort dubbed Operation SMN against the cyber espionage group known as Hidden Lynx and its arsenal. The Hidden Lynx APT is a China-based group of hackers that conducted numerous cyber espionage campaign against U.S. defense contractors and other foreign organizations. The name Hidden Lynx was assigned to the APT by experts at […]

Pierluigi Paganini September 04, 2014
Analyze VirusTotal Metadata to profile hackers

An independent researcher has analyzed for years the metadata on submissions to VirusTotal service identifying patterns related to many bad actors. VirusTotal is the Google owned company which offers free checking of URLs and files for viruses and other malicious code, its systems use up to 54 different antivirus software to scan files and URLs provided by the userscheck. Cyber criminals […]

Pierluigi Paganini May 26, 2014
Critical Infrastructure, hackers targeted public utility SCADA

Cyber attacks could pose a potentially huge risk to US critical infrastructure, state-sponsored hackers and cyber criminals are increasing their activity. Governments are even more alarmed by the possibility of cyber attacks against critical infrastructure, hackers could pose a potentially huge risk to the helpless population. In a recent US Government exercise, a team of hackers […]

Pierluigi Paganini May 25, 2014
FireEye-Mandiant data confirms DOJ’s Findings on APT1

Experts at Mandiant have corroborated the DOJ’s data by releasing additional evidence not included in the original APT1 report. One of the news most important shared on the internet this week it the one related to the indictment announced by US Department of Justice (DOJ) on five members of PLA Unit 61398. One year ago Mandiant experts deeply analyzed […]

Pierluigi Paganini September 25, 2013
Chinese hackers increasingly attracted to the drone technology

Intelligence agencies reveal that Chinese hackers increasingly attracted to the drone technology while Chinese drone industry grows like never before! The fact that Chinese hackers are most persistent collectors for sensitive information is not a mystery, more difficult to demonstrate the direct involvement of the PLA behind the operations of computer experts that systematically seek to unravel […]

Pierluigi Paganini August 07, 2013
Chinese Comment Crew caught taking over a fake Water Plant

Chinese Hacking Team Comment Crew caught taking over a honeypot simulating a Water Plant, the infinite offensive of Chinese Cyber Units linked to PLA. The Comment Crew group of hackers has been identified during an attack to a fake US control system of a water facility. The researchers deployed a honeypot to collect evidences on the attackers that […]

Pierluigi Paganini June 27, 2013
Comment Crew, China-based group of hackers is changing tactics

Chinese hackers Comment Crew is changing tactics, security firms suspected it due the analysis of principal cyber espionage campaigns targeted their clients. The Comment Crew is back again, security experts suspect the involvement of the Chinese group of hackers in the cyber dispute between U.S. and China.  In February The Mandiant Intelligence Center™ released an interesting report […]

Pierluigi Paganini February 22, 2013
Mandiant report links Anonymous 2011 hacks to APT1 campaign

The new is very curious and represents the demonstration that cyber threats could not be analyzed separately, security need a global approach, we cannot distinguish between cybercrime and cyber warfare but we must be focused on the cyber menaces, their effects and the risks connected to adoption of not appropriate security measures. The case is […]

Pierluigi Paganini February 19, 2013
Mandiant report on APT1 & China’s cyber espionage units

Early this month it was spread the news regarding a sophisticated cyber espionage campaign against principal media agencies in the US, included NYT and Washington Post, the hackers have tried to compromise the email account of journalists to steal sensitive information. The campaign appeared very aggressive, the hackers have tried to infiltrate the network of […]