A report released by FireEye Threat Intelligence on 2nd August states that state-sponsored hackers from China are attacking cryptocurrency companies and video game enterprises. The California-based intelligence-led security company identifies the group as APT41, an Advanced Persistent Threat group.
The report states that APT41 carries out planned attacks for personal financial gain, “particularly against the video game industry, including stealing source code and digital certificates, virtual currency manipulation, and attempting to deploy ransomware.” Over the past seven years, the group planned attacks in 14 different countries, including France, India, Japan, the Netherlands, Singapore, South Korea, Italy, South Africa, Switzerland, Thailand, Myanmar, Turkey, the United Kingdom, and the United States.
The other industries targeted by the group include healthcare, technology, media, pharmaceuticals, telecommunications, travel services, education and cryptocurrencies. The targets are chosen in a manner that is “generally aligned with China’s Five-Year economic development plans.”
The report also states that “the group is also deployed to gather intelligence ahead of imminent events, such as mergers and acquisitions and political events.” This is done in line with the verticals of the Chinese national policy.
The report also mentions some attacks conducted by APT41, including sending malicious emails to a blockchain gaming start-up last year and attacking a cryptocurrency exchange in June 2018. Last October, the group also used XMRig, a Monero cryptocurrency mining tool, on the target’s computer.
The group also used ransomware on at least one occasion and conducted an espionage operation against a Taiwanese newspaper. The report also mentions that some of these attacks were not commissioned by the Chinese government.
The report adds that, “The late-night to early morning activity of APT41’s financially motivated operations suggests that the group primarily conducts these activities outside of their normal day jobs.”
Losses arising from hacks on cryptocurrency exchanges are on the rise this year. The first half of 2019 has seen major attacks on at least seven exchanges that have resulted in the loss of millions of dollars. Large exchanges like Binance, Coinbase and Gemini have opted for insurance policies to compensate users in the event of such an attack. Experts are worried that the technology used by hackers will get more sophisticated with time, resulting in greater losses.
Crypto Magazine also previously reported how North Korean hackers have stolen $2 billion in cryptocurrency to date to fund the country’s weapons program.