Home Resources Blog China-Based Cyber Espionage Campaign Targets Satellite, Telecom, Defense Firms

China-Based Cyber Espionage Campaign Targets Satellite, Telecom, Defense Firms

Admin Globaldots
26.06.2018
image 1 Min read

Threat group Thrip is using three computers based in China to steal data from targeted companies in Southeast Asia and the US, Symantec says.

An advanced persistent threat group that is believed to be operating out of China is conducting a wide-ranging cyber espionage campaign targeting satellite, telecommunications, and defense organizations mostly in Southeast Asia and the United States.

Security vendor Symantec, which uncovered the campaign, says what’s most worrying about the activity of the so-called Thrip group is its apparent interest in the operational networks of some of its victims. That suggests the attack group’s motives may extend beyond spying to actual service disruption as well, the security vendor says.

Symantec has been tracking Thrip since 2013 and believes the latest campaign began sometime in 2017. The security vendor stumbled upon the activity when it observed someone using Microsoft’s PsExec tool to move laterally on the network of a large telecom operator in Southeast Asia. Symantec’s investigation of the activity led to the discovery of a malicious tool previously associated with Thrip called Rikamanu being used in the attack. Symantec subsequently discovered three computers based in China being used in the Thrip attacks.

Image Source

Read more: Dark Reading

Read More

Inform every aspect of your product & business with CDN Monitoring
Monitoring, Logging & Observability
Snir Ambar, Head of AI & Innovation @ GlobalDots 22.09.22

Extract actionable real-time insights, optimize performance and identify issues before they become problems – by unlocking the hidden value of CDN logs! Get 14 days free access to all features right now.

Watch more
Cybersecurity takes center stage
DevOps as a Service
Artem Mescheryakov, Senior DevOps Engineer, GlobalDots 20.09.22

In recognition of National Coding Week, Geektime.com, a top media channel covering tech, startup, venture capital, internet, mobile, development and more – featured a guest post by Artem Mescheryakov, Senior DevOps Engineer at GlobalDots:  “National Coding Week is about learning the value and importance of digital skills as well as nurturing the increasingly important skill of coding. Developer shortages […]

Read more
A CISO’s Essential Guide to API Security
API Security
Admin Globaldots 15.09.22

Learn how to reduce the business risk of API attacks – and maximize the value of digital innovation.  APIs are the entry point to your organization’s most critical data and services. Their protection is crucial to reduce risks, maximize program value, and generate growth. In this guide, we take a close look at the special […]

Read more
Unlock Your Cloud Potential
Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.
Book a Demo