A new Chinese cybercriminal group appears to be on the prowl, and the details have been revealed by cybersecurity intelligence company FireEye. According to these details, the Chinese cyber threat group is called the Advanced Persistent Threat Group (APT41).
“APT41 is unique among the China-nexus actors we track in that it uses tools typically reserved for espionage campaigns in what appears to be an activity for personal gain. They are as agile as they are skilled and well-resourced,” stated Sandra Joyce, who is Senior Vice President at Global Threat Intelligence at FireEye.
“Their aggressive and persistent operations for both espionage and cybercrime purposes distinguish APT41 from other adversaries and make them a major threat across multiple industries,” added Joyce.
APT41 targets industries such as healthcare, telecommunications, higher education, video games, travel, and even news companies. FireEye also identifies this threat as a potential worldwide cyber threat phenomenon.
A startling revelation is that individual members of APT41 had been engaging in financially motivated operations since 2012, even in India, along with countries such as Japan, Myanmar, the Netherlands, Singapore, South Korea, South Africa, Switzerland, Thailand, Turkey, the United Kingdom, Hong Kong, and the United States.
FireEye's investigations also reveal that APT41's activity could now have become state-sponsored.
APT41 activity spans 15 jurisdictions and more than seven years, targeting industries such as healthcare, high-tech, telecommunications, higher education, video gaming, travel, and even news organizations. Tactics are shared between espionage and financially motivated operations.
APT41's modus operandi is to target healthcare (medical devices and diagnostics), high-tech, and telecommunications for the purpose of collecting strategic intelligence or, as seen in the past, stealing intellectual property.
In the video game industry, ransomware deployments are reportedly the main motive behind the attacks.