According to a new report from security firm FireEye, Chinese hackers managed to hack into the networks of 5 European foreign ministries during the recent G20 meetings. The hackers sent emails containing malware to staff members in hopes of gaining access to their systems in order to steal information and credentials. The plan didn’t seem to go off as expected, and it is not certain whether they got away with any information at all.
“We believe that the Ke3chang attackers are operating out of China and have been active since at least 2010,” says FireEye.
The campaign by this group of Chinese hackers is known as “Operation Ke3chang”, and its main purpose is to collect as much high-value information as possible. To get the job done, the group sends a file named US_military_options_in_Syria.pdf.zip via email; once it is opened, the file is installed on the user’s computer. It then creates a backdoor through which the hackers gain access.
“They have also leveraged a Java zero-day vulnerability (CVE-2012-4681), as well as older, reliable exploits for Microsoft Word (CVE-2010-3333) and Adobe PDF Reader (CVE-2010-2883),” the report said.
These kinds of attacks have proven that government agencies and embassies around the world are in danger of being hacked by known and unknown sources. Security levels need to be stepped up, and employees must also be educated on the matter at hand.
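The lure described above relies on an attachment name that reads like a document (.pdf) but ends in a different extension (.zip). The following mail-filter check is an added example, not code from the FireEye report: the extension lists, function names and the sample message are assumptions constructed for illustration, and the check looks only at attachment names, not at file contents.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Assumed policy lists for this example (not taken from the report).
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".rtf", ".txt"}
CONTAINER_OR_EXEC_EXTS = {".zip", ".rar", ".7z", ".exe", ".scr", ".com", ".lnk"}


def deceptive_reason(filename):
    """Return a reason if a document extension is followed by an
    archive/executable extension (e.g. name.pdf.zip), else None."""
    # Trailing dots and spaces are dropped so "x.doc.exe " is still caught.
    name = filename.strip().rstrip(". ").lower()
    suffixes = PurePosixPath(name).suffixes
    if len(suffixes) < 2:
        return None
    inner, outer = suffixes[-2], suffixes[-1]
    if inner in DOCUMENT_EXTS and outer in CONTAINER_OR_EXEC_EXTS:
        return f"presented as {inner} but actually {outer}"
    return None


def scan_message(raw):
    """Parse a raw RFC 5322 message and list (filename, reason) findings."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        filename = part.get_filename()
        reason = deceptive_reason(filename) if filename else None
        if reason:
            findings.append((filename, reason))
    return findings


def build_sample():
    """Constructed sample message with one lure-style and one normal name."""
    msg = EmailMessage()
    msg["Subject"] = "Briefing (constructed sample)"
    msg["From"] = "sender@example.org"
    msg["To"] = "staff@example.org"
    msg.set_content("See attached.")
    msg.add_attachment(b"PK\x05\x06" + b"\x00" * 18, maintype="application",
                       subtype="zip", filename="US_military_options_in_Syria.pdf.zip")
    msg.add_attachment(b"%PDF-1.4\n", maintype="application",
                       subtype="pdf", filename="agenda.pdf")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, why in scan_message(build_sample()):
        print(f"FLAG {name}: {why}")
```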