Monday, March 8, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Chinese APT group Naikon targeted Western Australia government

May 11, 2020
in Internet Security
Chinese APT group Naikon targeted Western Australia government
588
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Check Point Software Technologies’ threat intelligence arm has uncovered a Chinese APT group is targeting several governments in the Asia Pacific region, including the government of Western Australia.

Check Point Research said the five-year, ongoing cyber espionage operations of Naikon targeted governments within Australia, Indonesia, Philippines, Vietnam, Thailand, Myanmar, and Brunei through “government-to-government” attacks.

You might also like

Maza Russian cybercriminal forum suffers data breach

Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud

CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now

According to the IT security firm, Naikon’s primary method of attack is to infiltrate a government body, then use that body’s contacts, documents, and data to launch targeted phishing attacks against other government targets, thereby exploiting the trust and diplomatic relations between departments and governments to increase the chances of its attack succeeding.

Through the use of a backdoor named Aria-body, Naikon gained remote access to the infected PC or network and bypassed security measures. With such access, the group could copy, delete, or create files. 

Although Naikon was active in 2015 before slipping from the public eye, Aria-body has been observed to have developed new ways of avoiding detection, with the researchers saying this proves the group has accelerated its cyber espionage activities in 2019 and Q1 2020.

In a report released this week, Check Point revealed its investigation had kicked off after it observed a malicious email that was sent from a government embassy in APAC to an Australian government entity, named The Indians Way.doc.

Check Point confirmed with ZDNet this was the government of Western Australia.   

“This RTF file, which was infected (weaponized) with the RoyalRoad exploit builder, drops a loader named intel.wll into the target PC’s Word startup folder. The loader in turn tries to download and execute the next stage payload from spool.jtjewifyn[.]com,” Check Point said.

See also: 12 years on, audit finds WA government entities still don’t get infosec

Aria-body starts with gathering data on the victim’s machine, including: Host-name, computer-name, username, domain name, windows version, processor ~MHz, MachineGuid, 64bit or not, and public IP.

Aria-body using checkip.amazonaws.com service to get victim’s IP


Image: Check Point Research

Check Point said Naikon specifically targets government ministries of foreign affairs, science, and technology, as well as government-owned companies. It said the motive is believed to be the gathering of geo-political intelligence. 

“What drives them is their desire to gather intelligence and spy on countries, and they have spent the past five years quietly developing their skills and introducing a new cyber-weapon with the Aria-body backdoor,” manager of threat intelligence at Check Point Lotem Finkelsteen said.

“To evade detection, they were using exploits attributed to lots of APT groups, and uniquely using their victims’ servers as command and control centers. We’ve published this research as a warning and resource for any government entity to better spot Naikon’s or other hacker group’s activities.”

LATEST SECURITY NEWS

Credit: Zdnet

Previous Post

How to overcome AI and machine learning adoption barriers | AI

Next Post

Top 10 Machine Learning Startups of 2020

Related Posts

Maza Russian cybercriminal forum suffers data breach
Internet Security

Maza Russian cybercriminal forum suffers data breach

March 7, 2021
Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud
Internet Security

Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud

March 7, 2021
CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now
Internet Security

CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now

March 7, 2021
Linux distributions: All the talent and hard work that goes into building a good one
Internet Security

Linux distributions: All the talent and hard work that goes into building a good one

March 7, 2021
Check to see if you’re vulnerable to Microsoft Exchange Server zero-days using this tool
Internet Security

Check to see if you’re vulnerable to Microsoft Exchange Server zero-days using this tool

March 7, 2021
Next Post
Top 10 Machine Learning Startups of 2020

Top 10 Machine Learning Startups of 2020

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Here’s an adorable factory game about machine learning and cats
Machine Learning

Here’s an adorable factory game about machine learning and cats

March 8, 2021
How Machine Learning Is Changing Influencer Marketing
Machine Learning

How Machine Learning Is Changing Influencer Marketing

March 8, 2021
Video Highlights: Deep Learning for Probabilistic Time Series Forecasting
Machine Learning

Video Highlights: Deep Learning for Probabilistic Time Series Forecasting

March 7, 2021
Machine Learning Market Expansion Projected to Gain an Uptick During 2021-2027
Machine Learning

Machine Learning Market Expansion Projected to Gain an Uptick During 2021-2027

March 7, 2021
Maza Russian cybercriminal forum suffers data breach
Internet Security

Maza Russian cybercriminal forum suffers data breach

March 7, 2021
Clinical presentation of COVID-19 – a model derived by a machine learning algorithm
Machine Learning

Clinical presentation of COVID-19 – a model derived by a machine learning algorithm

March 7, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Here’s an adorable factory game about machine learning and cats March 8, 2021
  • How Machine Learning Is Changing Influencer Marketing March 8, 2021
  • Video Highlights: Deep Learning for Probabilistic Time Series Forecasting March 7, 2021
  • Machine Learning Market Expansion Projected to Gain an Uptick During 2021-2027 March 7, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates