Chinese state-sponsored hackers are claimed to spying Russian military and aerospace activities. There has been reported a cyber warfare in several countries including China, Russia, and Norway. Proofpoint confirms that the attackers began in summer 2016. The Chinese hacker launched a downloader named as ZeroT to PlugX RAT the Asian Malware. Researcher revealed that spear-phishing campaign has bee conducted through Microsoft Word files, which contain malicious URLs in RAR compressed folders.
The expert of FireEye has unveiled a group of hacker which is dubbed as APT 29. The alleged group exploits Twitter for their data stealing through the data stealer malware. The hackers used Hammertoss to infect the data of a company’s customers.
China has commanded Chinese hackers to attack Russian security system while Russian is launching cyber warfare against Norway. In latest reports, Norway has officially confirmed that at least nine personal e-mail accounts of civil servants have been hacked. But the country has confirmed no classified information has been hacked.
Norway Officially Confirms Russian Cyberwarfare:
Norway has confirmed several civil and military departments has been attacked. The attacked departments include the army, foreign ministry, radiation agency. A school of parliamentary, and labor party, Norwegian Intelligence service PST and some other institutes.
PST spokesman Martin Berntsen told that APT29 has been detected as potential attacker which has been traced back to Russia. The attacker has targeted the e-mail account of nine officials and known business entities and individuals.
The APT29 is also known as Cozy Bear has already hacked U.S democratic Party computers. Colonel Sergei Mikhailov is responsible for operating Cozy Bear, he is the second most senior official of Information security system of hackers team. Since the breakup of Soviet Union, the arrest of the Cozy Bear CEO is considered most important. It is reported that no classified information has been stealth up till now, yet it is not clear that what is the primary purpose of this attack.
This is legislative election schedule time in the country on September 11, but apparently, there is no connection between the voting activity and hackers. The analyst says that this response to the 300 US soldiers deployment from Norwegian soil. The Norwegian government has to be very careful from E-mail phishing.