FireEye identifies Chinese cyber threat
The crime threat actor is reportedly responsible for targeted operations against organisations in 15 jurisdictions.
Intelligence-led security company FireEye released the details of its newly named Advanced Persistent Threat group, APT41, on Wednesday. APT41 activity reportedly spans 15 jurisdictions and more than seven years, targeting industries such as healthcare, high-tech, telecommunications, higher education, video gaming, travel, and even news organisations.
FireEye's spokespeople said they observed individual members of APT41 conducting primarily financially motivated operations since 2012 before expanding into likely state-sponsored activity. Their evidence suggests that these two motivations were balanced concurrently from 2014 onward. To date, organisations have been targeted in the following locations: France, India, Italy, Japan, Myanmar, the Netherlands, Singapore, South Korea, South Africa, Switzerland, Thailand, Turkey, the United Kingdom, the United States, and Hong Kong.
“APT41 is unique among the China-nexus actors we track in that it uses tools typically reserved for espionage campaigns in what appears to be activity for personal gain. They are as agile as they are skilled and well-resourced,” said Sandra Joyce, SVP of global threat intelligence at FireEye, in a statement. “Their aggressive and persistent operations for both espionage and cyber crime purposes distinguish APT41 from other adversaries and make them a major threat across multiple industries.”