China-based cyber espionage group targeting Indian companies: Symantec blog

Suckfly started stealing code signing certificates two years before carrying out the main attack

India is on the hit list of the China-based advanced cyber espionage group Suckfly. The hacking software, which targeted many countries globally, carried out the most attacks against India, according to cyber security firm Symantec.

The hacking group targeted government data and big corporate IT firms. According to the security vendor's investigation, Suckfly had already attacked India’s largest financial organization, a large e-commerce company and its primary shipping vendor, India’s top five IT firms and two government organizations.

Suckfly worked on malware that could remain undetected by security organizations. Suckfly tried stealing code signing certificates from the companies. Code signing certificates are an extra layer of protection that many organizations use. They provide access to authorized users only. Users are authorized and identified by their digital signatures. The attackers spent two years obtaining the code signing certificates before carrying out the original attacks. The signatures obtained were used maliciously and, being certified, were difficult to identify.

These attacks started two years back, in April 2014. The government network attacked by Suckfly has links to multiple ministries, says the report. Suckfly targeted different sectors, including e-commerce, government, healthcare, etc.

Now, Suckfly allegedly has enough data to purchase and create infrastructure. Based on the data collected, it can conduct further attacks, hampering the privacy and finances of other IT firms. The cyber attacking software used multiple stolen certificates, multiple hack tools and custom malware in order to carry out its function well despite advanced security systems.

The investigation found these threats to be operating from Chengdu, China. Suckfly had stolen a total of 9 certificates over the period, which it started using maliciously in 2015.

Apart from India, many other countries were also attacked, including the United States.

 
