Chinese hackers steal data from Russian government agencies
(Baonghean.vn) - Experts from the cybersecurity company Positive Technologies (PT) said that a group of hackers of Asian origin, named TaskMasters, has been attacking computer systems of state agencies and businesses in many countries around the world for at least the past 9 years, including a number of Russian organizations and companies.
 |
| Hackers. Photo: Getty |
PT experts mentioned losses of more than 30 important organizations in the fields of industry, construction, energy, real estate, etc., including 24 organizations in Russia. However, PT did not disclose specific information about these companies.
According to PT's records, the attack tools of this hacker group are related to Chinese developers, in which some attacks originated from IP addresses in this country.
The name TaskMasters, given by PT experts, comes from the characteristics of the attack method this group carries out.
Hackers created specific tasks in the task scheduler, allowing them to execute operating system commands and run software at a certain time, said Alexey Novikov, head of PT's Expert Security Center. After penetrating local networks, hackers investigated the infrastructure and downloaded malicious programs for remote espionage operations.
Security firm Kaspersky Lab calls the hacker group BlueTraveler. Kaspersky Lab said its experts have been monitoring BlueTraveler's activities since 2016. BlueTraveler's targets may be government agencies, mainly from Russia and the Commonwealth of Independent States (CIS).
Kaspersky Lab confirmed that the attackers are likely Chinese. Kaspersky Lab experts also noted that the method of attaching to infrastructure with the help of a task scheduler is often used for political or industrial espionage purposes.
