Vietnam hacker group accused of spying on companies, journalists
A hacker group in Vietnam called APT32 has allegedly carried out cyber espionage attacks against multinational companies in Vietnam, as well as against corporations and public sector organisations in Southeast Asia, China, the US, Australia and Europe, a US-based IT security firm claims.
In a detailed report, FireEye Inc, which works with large, globally operating companies to protect their assets from cyber threats, says it has tracked at least ten separate attacks from the group since 2014. Targets included companies and institutions, as well as journalists, foreign governments and dissidents in Vietnam, but also in the Philippines.
The group conducted the attacks by infiltrating computers with malicious files using social-engineering methods to entice victims, FireEye said. The files then themselves downloads spying software from remote servers, with further attacks delivered via phishing emails, it said.
The group, however, is unrelated to the ransomware attacks that has ravaged computers around the world since May 12.
FireEye suspects that the hacker group apparently works for the favour of “Vietnamese government interests” and could thus be aligned with the government in some way.
The group is also targeting security, technology infrastructure and consultancy companies, FireEye said, as well as tries to threaten political activist and media.
“Government institutions, journalists and members of the Vietnam diaspora may continue to be targeted,” the report said.
“APT32 accessed personnel details and other data from multiple victim organisations that would be of very little use of to any party other than the Vietnamese government,” report author Nick Carr said, adding that “the timing of APT32’s intrusions appears to correspond with many its victims’ engagements with the Vietnamese government on regulatory matters.”
Victims included a German manufacturing company about to build a factory in Vietnam, a Chinese hotel developer planning to expand its operations in the country and the local office of a British-based global consulting firm, as well as two subsidiaries of US and Philippine consumer products corporations in Vietnam. Research institutes, maritime agencies, sea construction and shipping enterprises in China were also targeted by the group.
The Vietnam government staunchly rejected the accusations.
“The government of Vietnam does not allow any form of cyber attacks against organisations or individuals,” said foreign ministry spokeswoman Le Thi Thu Hang according to Reuters, adding that “all cyber attacks or threats to cyber security, must be condemned and severely punished in accordance with regulations and laws.”
A hacker group in Vietnam called APT32 has allegedly carried out cyber espionage attacks against multinational companies in Vietnam, as well as against corporations and public sector organisations in Southeast Asia, China, the US, Australia and Europe, a US-based IT security firm claims. In a detailed report, FireEye Inc, which works with large, globally operating companies to protect their assets from cyber threats, says it has tracked at least ten separate attacks from the group since 2014. Targets included companies and institutions, as well as journalists, foreign governments and dissidents in Vietnam, but also in the Philippines. The group conducted the attacks...
A hacker group in Vietnam called APT32 has allegedly carried out cyber espionage attacks against multinational companies in Vietnam, as well as against corporations and public sector organisations in Southeast Asia, China, the US, Australia and Europe, a US-based IT security firm claims.
In a detailed report, FireEye Inc, which works with large, globally operating companies to protect their assets from cyber threats, says it has tracked at least ten separate attacks from the group since 2014. Targets included companies and institutions, as well as journalists, foreign governments and dissidents in Vietnam, but also in the Philippines.
The group conducted the attacks by infiltrating computers with malicious files using social-engineering methods to entice victims, FireEye said. The files then themselves downloads spying software from remote servers, with further attacks delivered via phishing emails, it said.
The group, however, is unrelated to the ransomware attacks that has ravaged computers around the world since May 12.
FireEye suspects that the hacker group apparently works for the favour of “Vietnamese government interests” and could thus be aligned with the government in some way.
The group is also targeting security, technology infrastructure and consultancy companies, FireEye said, as well as tries to threaten political activist and media.
“Government institutions, journalists and members of the Vietnam diaspora may continue to be targeted,” the report said.
“APT32 accessed personnel details and other data from multiple victim organisations that would be of very little use of to any party other than the Vietnamese government,” report author Nick Carr said, adding that “the timing of APT32’s intrusions appears to correspond with many its victims’ engagements with the Vietnamese government on regulatory matters.”
Victims included a German manufacturing company about to build a factory in Vietnam, a Chinese hotel developer planning to expand its operations in the country and the local office of a British-based global consulting firm, as well as two subsidiaries of US and Philippine consumer products corporations in Vietnam. Research institutes, maritime agencies, sea construction and shipping enterprises in China were also targeted by the group.
The Vietnam government staunchly rejected the accusations.
“The government of Vietnam does not allow any form of cyber attacks against organisations or individuals,” said foreign ministry spokeswoman Le Thi Thu Hang according to Reuters, adding that “all cyber attacks or threats to cyber security, must be condemned and severely punished in accordance with regulations and laws.”
