A hacking<\/a> group allegedly backed by the Chinese government has been attacking governments, NGOs, news publications and think tanks globally -- including India's National Informatics Centre<\/a> (NIC<\/a>) -- sending them emails which, once opened, were used to steal their login credentials. 该集团被称为“RedAlpha”一直欺骗NIC登录页面,管理为印度政府更广泛的IT基础设施和服务。黑客组织架武装一些仅去年一年至少350域。 一个黑客集团据称由中国政府一直支持攻击政府、非政府组织、新闻出版物和智库全球,包括印度乐动扑克国家信息中心(网卡)——发送邮件,一旦打开,被用来窃取他们的登录凭证。
The group known as 'RedAlpha<\/a>' has consistently spoofed login pages for NIC, which manages wider IT infrastructure<\/a> and services for the Indian government. The hacking group weaponised some least 350 domains last year alone.
The China-sponsored hacking group spoofed organisations such as the International Federation for Human Rights (FIDH), Amnesty International, the Mercator<\/a> Institute for China Studies (MERICS), Radio Free Asia (RFA), the American Institute in Taiwan (AIT), and other global government, think tank, and humanitarian organisations that \"fall within the strategic interests of the Chinese government\".
According to a report by cybersecurity<\/a> firm Recorded Future, the group has also engaged in direct targeting of ethnic and religious minorities, including individuals and organisations within Tibetan and Uyghur communities.
\"In recent years RedAlpha has also displayed a particular interest in spoofing political, government, and think tank organisations in Taiwan, likely in an effort to gather political intelligence,\" said the report.
The China-based hacking group targeted individuals via emails containing abasic PDF files with links to the phishing sites, typically stating that a user needs to click the link to preview or download files.
Over the past three years, RedAlpha continued to conduct credential-phishing activity using large clusters of operational infrastructure to support campaigns.
\"In late 2019 and early 2020, the group likely shifted away from older infrastructure TTPs exhibited in public reporting, such as the registration of domains through GoDaddy and hosting on Choopa (Vultr) and Forewin Telecom infrastructure,\" the report revealed.
The researchers observed RedAlpha consistently register domains spoofing Taiwanese or Taiwan-based government, think tank, and political organisations.
\"Notably, this included the registration of multiple domains imitating the American Institute in Taiwan (AIT), the de facto embassy of the United States of America in Taiwan, during a time of increasing US-China tension regarding Taiwan over the past year,\" they said.
RedAlpha's activity has expanded over the past several years to include credential-phishing campaigns spoofing ministries of foreign affairs in multiple countries.
A Chinese government spokesperson told the MIT Technology Review that the country opposes all cyberattacks<\/a> and would \"never encourage, support, or connive\" to carry out such activity.<\/p><\/body>","next_sibling":[{"msid":93688174,"title":"Twitter to cut annual bonuses for employees to 50% amid downturn","entity_type":"ARTICLE","link":"\/news\/twitter-to-cut-annual-bonuses-for-employees-to-50-amid-downturn\/93688174","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[{"msid":"93688028","title":"hacker","entity_type":"IMAGES","seopath":"news\/india\/china-backed-hackers-spying-on-govts-indias-nic-among-victims\/hacker","category_name":"China-backed hackers spying on govts, India's NIC among victims","synopsis":false,"thumb":"https:\/\/etimg.etb2bimg.com\/thumb\/img-size-51262\/93688028.cms?width=150&height=112","link":"\/image\/india\/china-backed-hackers-spying-on-govts-indias-nic-among-victims\/hacker\/93688028"}],"msid":93688273,"entity_type":"ARTICLE","title":"China-backed hackers spying on govts, India's NIC among victims","synopsis":"The group known as 'RedAlpha' has consistently spoofed login pages for NIC, which manages wider IT infrastructure and services for the Indian government. The hacking group weaponised some least 350 domains last year alone.","titleseo":"telecomnews\/china-backed-hackers-spying-on-govts-indias-nic-among-victims","status":"ACTIVE","authors":[],"analytics":{"comments":0,"views":300,"shares":0,"engagementtimems":1289000},"Alttitle":{"minfo":""},"artag":"IANS","artdate":"2022-08-21 11:45:11","lastupd":"2022-08-21 11:51:03","breadcrumbTags":["nic","chinese hacking group","National Informatics Centre","mercator","internet","redalpha","cyberattacks","it infrastructure","hacking","cybersecurity"],"secinfo":{"seolocation":"telecomnews\/china-backed-hackers-spying-on-govts-indias-nic-among-victims"}}" data-authors="[" "]" data-category-name="" data-category_id="" data-date="2022-08-21" data-index="article_1">
家由中国政府支持的黑客监视政府,印度的NIC受害者之一
该集团被称为“RedAlpha对网卡的一贯欺骗登录页面,负责管理IT基础设施印度政府和服务。黑客组织架武装一些仅去年一年至少350域。
China-sponsored黑客组织欺骗组织,如国际人权联合会(FIDH),国际特赦组织,墨卡托投影中国研究所(美力克),自由亚洲电台(RFA),美国在台协会(AIT),和其他全球政府智库和人道主义组织“属于中国政府的战略利益”。
近年来“RedAlpha也表现出特别的兴趣欺骗政治,政府,和智库组织在台湾,可能为了收集政治情报,”报告说。
中国黑客组织有针对性的个人通过电子邮件包含基本的PDF文件链接到钓鱼网站,通常表示一个用户需要点击链接预览或下载文件。
在过去三年中,RedAlpha继续进行credential-phishing活动使用大型集群的操作基础设施,以支持活动。
”在2019年末和2020年初,该集团可能转移远离旧基础设施ttp公开展出报告,如通过GoDaddy域名登记和托管在Choopa (Vultr)和Forewin电信基础设施,”报告显示。
研究者观察RedAlpha持续注册域名欺骗台湾、台湾政府智库和政治组织。
”值得注意的是,这包括注册多个域名模仿美国在台协会(AIT),事实上的美国大使馆在台湾,增加中美紧张期间关于台湾在过去的一年,”他们说。
RedAlpha活动扩大了在过去的几年中,包括credential-phishing宣传欺骗外交部在多个国家。
一位中国政府发言人告诉《麻省理工学院技术评论,反对一切网络攻击并将“从不鼓励、支持或默许”开展这样的活动。
读到
A hacking<\/a> group allegedly backed by the Chinese government has been attacking governments, NGOs, news publications and think tanks globally -- including India's National Informatics Centre<\/a> (NIC<\/a>) -- sending them emails which, once opened, were used to steal their login credentials.
The group known as 'RedAlpha<\/a>' has consistently spoofed login pages for NIC, which manages wider IT infrastructure<\/a> and services for the Indian government. The hacking group weaponised some least 350 domains last year alone.
The China-sponsored hacking group spoofed organisations such as the International Federation for Human Rights (FIDH), Amnesty International, the Mercator<\/a> Institute for China Studies (MERICS), Radio Free Asia (RFA), the American Institute in Taiwan (AIT), and other global government, think tank, and humanitarian organisations that \"fall within the strategic interests of the Chinese government\".
According to a report by cybersecurity<\/a> firm Recorded Future, the group has also engaged in direct targeting of ethnic and religious minorities, including individuals and organisations within Tibetan and Uyghur communities.
\"In recent years RedAlpha has also displayed a particular interest in spoofing political, government, and think tank organisations in Taiwan, likely in an effort to gather political intelligence,\" said the report.
The China-based hacking group targeted individuals via emails containing abasic PDF files with links to the phishing sites, typically stating that a user needs to click the link to preview or download files.
Over the past three years, RedAlpha continued to conduct credential-phishing activity using large clusters of operational infrastructure to support campaigns.
\"In late 2019 and early 2020, the group likely shifted away from older infrastructure TTPs exhibited in public reporting, such as the registration of domains through GoDaddy and hosting on Choopa (Vultr) and Forewin Telecom infrastructure,\" the report revealed.
The researchers observed RedAlpha consistently register domains spoofing Taiwanese or Taiwan-based government, think tank, and political organisations.
\"Notably, this included the registration of multiple domains imitating the American Institute in Taiwan (AIT), the de facto embassy of the United States of America in Taiwan, during a time of increasing US-China tension regarding Taiwan over the past year,\" they said.
RedAlpha's activity has expanded over the past several years to include credential-phishing campaigns spoofing ministries of foreign affairs in multiple countries.
A Chinese government spokesperson told the MIT Technology Review that the country opposes all cyberattacks<\/a> and would \"never encourage, support, or connive\" to carry out such activity.<\/p><\/body>","next_sibling":[{"msid":93688174,"title":"Twitter to cut annual bonuses for employees to 50% amid downturn","entity_type":"ARTICLE","link":"\/news\/twitter-to-cut-annual-bonuses-for-employees-to-50-amid-downturn\/93688174","category_name":null,"category_name_seo":"telecomnews"}],"related_content":[{"msid":"93688028","title":"hacker","entity_type":"IMAGES","seopath":"news\/india\/china-backed-hackers-spying-on-govts-indias-nic-among-victims\/hacker","category_name":"China-backed hackers spying on govts, India's NIC among victims","synopsis":false,"thumb":"https:\/\/etimg.etb2bimg.com\/thumb\/img-size-51262\/93688028.cms?width=150&height=112","link":"\/image\/india\/china-backed-hackers-spying-on-govts-indias-nic-among-victims\/hacker\/93688028"}],"msid":93688273,"entity_type":"ARTICLE","title":"China-backed hackers spying on govts, India's NIC among victims","synopsis":"The group known as 'RedAlpha' has consistently spoofed login pages for NIC, which manages wider IT infrastructure and services for the Indian government. The hacking group weaponised some least 350 domains last year alone.","titleseo":"telecomnews\/china-backed-hackers-spying-on-govts-indias-nic-among-victims","status":"ACTIVE","authors":[],"analytics":{"comments":0,"views":300,"shares":0,"engagementtimems":1289000},"Alttitle":{"minfo":""},"artag":"IANS","artdate":"2022-08-21 11:45:11","lastupd":"2022-08-21 11:51:03","breadcrumbTags":["nic","chinese hacking group","National Informatics Centre","mercator","internet","redalpha","cyberattacks","it infrastructure","hacking","cybersecurity"],"secinfo":{"seolocation":"telecomnews\/china-backed-hackers-spying-on-govts-indias-nic-among-victims"}}" data-news_link="//www.iser-br.com/news/china-backed-hackers-spying-on-govts-indias-nic-among-victims/93688273">
评论
现在评论 阅读评论(1)所有评论
找到这个评论进攻?
下面选择你的理由并单击submit按钮。这将提醒我们的版主采取行动