iTnews

Alleged ASIO hackers charged in the United States

By Juha Saarinen on Nov 28, 2017 6:50AM

For stealing data from three companies.

US authorities have pressed charges against three individuals working for a Chinese government-linked security firm for alleged hacking, stealing trade secrets and identity theft.

The three - Wu Yingzhuo, Dong Hao and Xia Lei - are employees of Guangzhou Bo Yu Information Technology Company, or Boyusec, and reside in China. 

Boyusec is a contractor to China's Ministry of State Security.

Researchers earlier this year identified a link between Boyusec and the Advanced Persistent Threat 3 hacking group allegedly responsible for stealing the blueprints for ASIO's new Canberra building in 2013.

APT3 used malware uploaded to an ASIO employee's laptop to steal the blueprints.

In the US indictment, APT3 is alleged to have attacked Moody's Analytics, Siemens' Pittsburgh office, and global positioning system company Trimble, through a spear-phishing campaign that sought to install malware on victims' systems.

“These conspirators masked their criminal conspiracy by exploiting unwitting computers, called ‘hop points,’ conducting spear-phish email campaigns to gain unauthorised access to corporate computers, and deploying malicious code to infiltrate the victim computer networks,” acting US attorney Soo Song said.

The "ups" and "exeproxy" malware, if installed, gave the hackers access to targets' computers, allowing them to search for and copy over confidential business information as well as user credentials.

APT3 is alleged to have stolen hundreds of gigabytes of data from the three companies in the US.

Xia is accused of accessing an internal email server at Moody's in 2011 and setting up a message forwarding rule for the account of an unidentified "prominent employee", US prosecutors said.

The rule forwarded all the employee's emails to a webmail service. Xia is said to have accessed the confidential messages until 2014.

Dong allegedly accessed Siemens' networks in 2014 and obtained employees' login credentials. He is said to have copied over 407 gigabytes of proprietary commercial data belonging to Siemens.

Wu is alleged to have stolen GPS technology that Trimble was developing between 2015 and 2016, which may have been passed on to a competing firm.

Wu and Dong are the founders of Boyusec.

Along with Xia they remain in China. They face one charge of computer fraud and abuse, and two charges of trade secret theft, each with a maximum penalty of ten years in prison.

The hackers have also been charged with wire fraud, facing a maximum of 20 years in prison, and aggravated identity theft.

The APT3 hacking group is also known as BuckEye, UPS Team, Gothic Panda and TG-011.

Copyright © iTnews.com.au . All rights reserved.
Tags: apt3, boyusec, buckeye, gothic panda, security, tg011, ups team
