A group of Chinese hackers have targeted a Taiwanese news organizations and the opposition Democratic Progressive Party in order to get the information on upcoming presidential and legislative election like the policies and speeches from the leaders participating in the elections.
This report is the second part of the one revealed by FireEye last week which exposed China spying on the Japanese government using Dropbox.
China was also blamed for spying on pro-democracy protesters in Hong Kong with an Android spyware disguised as an OccupyCentral app to keep an eye on the protesters.
FireEye in August 2015 caught Chinese hackers spying on Tibetan activists and as well as dozens of organizations in Bangladesh, Nepal, and Pakistan.
State-sponsored attack
The hackers attacked their targets through phishing emails; one of the emails had this subject line: “DPP’s Contact Information Update,” which indicated this to be a state-sponsored attack from a group known as “APT16” according to the security research team “FireEye”.
The hackers in all the emails tried to lure victims into installing something or clicking on the links inside the mail to allow them to install malicious code into victim’s PC.
Gathering information on DPP’s motives
Taiwan will be having elections on 16th of next month and it’s likely that DPP will win the elections. China, by hacking into party’s systems may want to know their plans after the elections as it considers Taiwan to be their province.
One of the intelligence Analysts from FireEye said: “There’re a lot of people in China who want and need information for their own intelligence purposes.”
Not the first time
But, this is not the first time Chinese hackers have been in the spotlight. Back in February 2013, FireEye linked the Chinese military with the hacking group which has been involved in the hacking of 141 companies since 2006.
Officials from U.S also provided names of 5 military officials that were part of these hacking groups.
One of the U.S. diplomats (William Stanton) in Taiwan has received several warnings from Google regarding his Gmail account which had been the target of state-sponsored hackers.
“If you were directed to this page from a warning displayed above your Gmail inbox, we believe that state-sponsored attackers may be attempting to compromise your account or computer,” the warning read without identifying the country. “It’s likely that you received emails containing malicious attachments link to malicious software downloads or links to fake websites that are designed to steal your passwords or other personal information,” according to Bloomberg.
CCTV Documentary Shows Chinese Military Hacking Skills
Attacks geared up
With elections approaching, there has been an increase in the frequency of the attacks, Ketty Chen (deputy director of international affairs at the DPP) said in the past few weeks there has been a number of attack including his own email account.
Chen is one of 50 DPP members that are targeted by the hackers constantly, one of the attacks he discovered through inconsistencies in the writing style of the mail which purported to be from his colleague.
Hackers didn’t spare people who were formerly involved in major positions in Taiwan, like Stanton who is a former director of the American Institute in Taiwan.
Victims themselves left the door open
The attack on Chen’s account was successful due to his own negligence, he turned off the two-step identification on his account and forwarded on the email to an internet email box. So, it was not the
hackers that were clever rather the victims made way for them.
U.S. claims may not be true
But, a recent investigation from Xinhua News Agency has proved that the attack on U.S. Office of Personnel Management to be from a cyber group that is not backed by the state. President Xi Jinping said the internet should not be converted into a battlefield rather cooperation from all around is required to stop these cyber criminals from carrying out their operations.