The U.S. Department of Justice (DOJ) has accused seven Chinese nationals of participating in a long-term hacking campaign targeting American businesses, government officials, and other high profile targets. DOJ alleges that the defendants, who are believed to be computer hackers affiliated with China’s Ministry of State Security (MSS).
As per DOJ’s PR, the Chinese hackers are alleged to be part of a group known as APT31, which has been also targeting critics of the Chinese government, journalists, and activists, and even American politicians for over a decade.
The APT31 hacking group, also known by aliases like Judgement Panda and Zirconium used various hacking techniques, reportedly involves a mix of technical sophistication and social engineering. They’ve been accused of crafting phishing emails that appear to come from legitimate sources, often containing malicious links.
APT31 is also suspected of employing zero-day exploits, taking advantage of security vulnerabilities before software vendors even have a chance to issue a patch. using this technique has resulted in the breach of sensitive data, source codes and intellectual property theft, and potential disruption of critical infrastructure.
High profile targets allegedly include U.S. government officials, defense contractors with access to classified information, and human rights activists in Hong Kong. APT31’s ability to operate for such a long time and target such sensitive institutions underscores the ongoing challenge of cybersecurity and the need for vigilance in protecting against state-sponsored cyber espionage.