According to a FireEye Threat Intelligence report published on Friday the 2nd of August, a Chinese espionage and cybercrime collective backed by the Chinese government has been attacking many crypto firms. The report names the group as “APT41” and says that the attacks haven’t been limited to crypto firms but have spread to and penetrated other sectors as well.
According to the report,
“[The] APT41 is a prolific cyber threat group that carries out Chinese state-sponsored espionage activity in addition to financially motivated activity potentially outside of state control. Activity traces back to 2012 when individual members of APT41 conducted primarily financially motivated operations focused on the video game industry before expanding into likely state-sponsored activity.”
The report also says that the collective has carried out attacks against travel firms, educational institutions and telecommunications firms, infiltrating them, “maintaining strategic access” and illegally obtaining intellectual property. APT41 has also attacked and compromised software supply chains a few times and has discreetly infected some of these software companies with malware.
Back in June 2018, the group sent fake, infected emails to certain game studios, prompting them to join a sham cryptocurrency gaming service. Later that month, a different crypto exchange experienced an attack, which was traced to the same email address.
APT41 has also sneakily used targeted computers to mine cryptocurrencies like Monero. This type of hacking is becoming increasingly popular and uses computer systems owned by unsuspecting persons to remotely join a mining pool for several cryptocurrencies.