- The US Department of Justice stated that as part of the hacking activities, state-sponsored Chinese hackers targeted at least one South African company.
- U.S. prosecutors claimed in the indictment unsealed on Friday that the front office company Hainan Xiandun used spear phishing against a “maritime research and development” company in South Australia.
- The indictment alleges that the company is controlled by Hainan Province because it seeks commercial advantages for its state-owned enterprises in foreign transactions through industrial espionage.
- The United States said that Chinese hackers are also targeting universities, governments and a political party in other parts of the world for information about the Ebola virus, gene sequencing and chemical formulas.
- More stories Go to www.BusinessInsider.co.za.
U.S. prosecutors stated in the indictment unsealed on Friday that state-sponsored hackers working for a province in China tried to steal the trade secrets of at least one South African company.
These prosecutors are now pursuing allegations including economic espionage and conspiracy to commit computer fraud against four Chinese citizens, who may face long-term prison sentences under US law.
The indictment stated that the group worked under the guise of Hainan Xiandon and “hired hackers to try and do steal data from companies and universities involved in Ebola virus and vaccine research and offshore research and development.”
According to U.S. prosecutors, specific targeted information includes “sensitive technologies, special chemical formulas and proprietary gene sequencing technologies used in submersibles and self-driving cars.”
Allegedly, a long list of American companies and institutions as well as government departments and a political party in countries such as Saudi Arabia and Malaysia have been infiltrated or attacked.
The indictment stated that these attempts included spear-like cyber attacks on “a number of defense contractors and companies specializing in maritime research and development located in the United States, South Africa, and Austria” in two waves: late December and early January 2016 , And will be held again from mid-July to early August 2016.
It is not clear whether or to what extent these attacks were successful.
US prosecutors stated that the purpose of the data theft was to gain advantages for Chinese state-owned enterprises involved in railways, shipbuilding and biopharmaceuticals.
US authorities stated that some of the emails that attempted to install malware on the target computer came from the “doppelgänger” domain, and these addresses made the recipients look safe and familiar by mimicking the addresses of organizations they knew. Others appear to be from actual colleagues, using hijacked accounts.
Methods of leaking information include using shorthand to hide it in images of Donald Trump and Koala Bear on public servers.
The indictment mentions Wu Shurong, the creator of the malware, and the three people mentioned by the United States as officials of the Hainan National Security Bureau who also run the front office where Wu Weizhi works: Ding Xiaoyang, Cheng Qingmin, and Zhu Yunmin.
(Compiled by Philip de Wetter)
