Chinese Gov’t Hackers Are Targeting Crypto Companies

Chinese state hackers are performing attacks against cryptocurrency and video game enterprises, cybersecurity company FireEye claims in a report published on Aug. 2.

Per the report, Chinese state espionage cyber unit APT41 “targets industries in a manner generally aligned with China’s Five-Year economic development plans.” Still, FireEye researchers claim that “the group is also deployed to gather intelligence ahead of imminent events, such as mergers and acquisitions and political events.”

Industries targeted by the unit reportedly include healthcare, high technology (semiconductors, batteries, and electric vehicles), media, pharmaceuticals, retail, software, telecommunications, travel services, education, video games and cryptocurrencies.

Chinese government facilitating hacking operations

The targeted countries include France, India, Italy, Japan, Myanmar, the Netherlands, Singapore, South Korea, South Africa, Switzerland, Thailand, Turkey, the United Kingdom, the United States and Hong Kong.

APT41 targeted a crypto exchange

FireEye claims that in June last year APT41 sent malicious emails to a blockchain gaming startup, and that in October 2018 the group maliciously deployed an instance of XMRig, a Monero (XMR) mining tool. An email address used in an espionage operation against a Taiwanese newspaper was reportedly later used to target a cryptocurrency exchange in June 2018.

Furthermore, FireEye claims to have found code overlaps between malware used by APT41 in the May 2016 targeting of a U.S.-based game development studio and the malware observed in supply chain compromises in 2017 and 2018.

The report also notes that the group deployed ransomware in at least one instance, though some of the attacks were not commissioned by the Chinese state. The report says:

“Unlike other observed Chinese espionage operators, APT41 conducts explicit financially motivated activity, which has included the use of tools that are otherwise exclusively used in campaigns supporting state interests. The late-night to early morning activity of APT41’s financially motivated operations suggests that the group primarily conducts these activities outside of their normal day jobs.”

As Cointelegraph reported in June, the personal computers of employees at hacked Japanese crypto exchange Coincheck have allegedly been found to have been infected by a virus associated with a hacker group of Russian origin.

2 Arrested in Japan for Obtaining Crypto Linked to Coincheck’s $530M Hack

Two men have been arrested in Tokyo for obtaining cryptocurrency linked to the massive hack of Japan’s Coincheck exchange in 2018.

As reported by Jiji Press Wednesday, the men were held by the Metropolitan Police Department for allegedly obtaining NEM that were the suspected proceeds of crime – illegal under the law relating to punishment of organized crime. One of the two arrested – who are claimed to have known the tokens were stolen – is a doctor from Hokkaido and the other is a company exec from Osaka.

Coincheck suffered possibly the biggest-ever breach of a cryptocurrency exchange in January 2018, losing around $530 million-worth of NEM. The hack was likely bigger even than that of Mt. Gox, which is thought to have lost $340 million in bitcoin over a period of time.

Tokyo police believe the arrested individuals have been exchanging the NEM for other crypto assets since February, Jiji said.

The arrests are the first relating to the Coincheck hack and come after Tokyo police formed a task force to investigate the theft.
