Another exposure! "Ten years of attacking China"

Author: Global Times Time: 2022.06.18

Planting evidence on people at home and aiming at China ... Another hacker organization in this country has been exposed!

On the 16th, the Chinese cybersecurity enterprise Antian Technology Group disclosed exclusively to the Global Times that a targeted threat attack (APT attack) organization from India has carried out ten years of network attack activities against targets in India and in its surroundings, including China.

Antian named the organization the "secret image", which mainly targets social activists in India, social groups, and opposition parties. intelligence. Antian drew on the research results of other international security teams and added its own findings on the "Secretary" organization's network attack activities against important units in our country. Finally, the operators behind the organization were pinned down through traceability analysis. time).

Li Baisong, deputy chief engineer of Antian Technology Group, told the Global Times reporter that the main attack method of the "Anthology" organization is to use Google/Yahoo mailboxes or stolen mailbox accounts to send deceptive spear-phishing emails to the target, tricking the target into running decoy files that use a variety of antivirus-evasion techniques, including files carrying mature commercial remote-control Trojans. "At least since 2012, the organization has carried out ten years of cyber attack activity against targets in India as well as targets around India, including China. Because the attack organization has used network attacks to frame social activists within India, its methods are extremely dark. Its actions were covert, and it stayed hidden for more than ten years and was rarely exposed, so the organization was named 'secret sign'."

In January 2018, a violent conflict broke out in Bhima Koregaon. Rona Wilson, a well-known Indian social activist, became one of the defendants in the case, and this stemmed from the "secret image" organization's long-term scheme to frame him with false electronic evidence. As early as 3:07 pm on June 13, 2016, Rona Wilson received an email from a friend urging him to download the document in the attachment. In fact, this was a Trojan horse file sent by a hacker who had stolen the friend's mailbox account. The attacker not only performed a series of covert operations on Wilson's computer, but also controlled the computer system through the NetWire Trojan.

At 6 am on April 17, 2018, police from Pune district, Maharashtra, India, claiming to have received a tip from an informant, went to Wilson's house in New Delhi and seized from Wilson's USB drive and computer hard disk some "digital evidence" said to be sufficient to incriminate him.

In most of the attack cases monitored by Antian, the attackers prefer to use Google and Yahoo mailboxes to pose as the target's friends or as well-known institutions in society, on matters closely related to the target's line of work. Li Baisong said: "The attackers' key targets are people active in social activism, social groups, and the Communist Party of India's activities within India. For particularly important individual targets, monitoring has been carried out across multiple system platforms for many years to obtain personal privacy and document information, and illegal information is sent through these compromised devices to create false cases and frame the targets. For military and political targets outside India, the attackers' main purpose is long-term lurking and continuous theft of secrets."

In addition, the organization also goes after military and political targets in our country. According to the briefing, on October 13, 2020, a mailbox of an important unit in China received a suspicious email. The sender used a Gmail mailbox, and the body text provided a network-disk link for downloading a suspicious file. When the self-extracting decoy was executed, four Trojan programs began to run. Li Baisong explained, "This ParallaxRAT remote-control Trojan is an openly available commercial remote-control tool. With management, uploading, and execution capabilities, its functions are mature and stable, enough to support conventional secret operations."

According to the Global Times, Antian's capture and analysis of cyber attacks suspected to come from India began in 2013. It has captured, analyzed, named and exposed attack organizations such as "white elephants", "young elephant", and "bitter elephant". Li Baisong said: "In the past 10 years of attacks, the focus of India's network attacks has gradually shifted from Pakistan to China. By monitoring the activity of the 'Anti-image' attack organization, we can see that the relevant Indian agencies not only very frequently carry out network attacks against surrounding countries, but also widely use network attacks in domestic social management and control, and even use them to frame domestic social activists. The actions are strong and worthy of attention and vigilance."

Global Times-Global Network Guo Yuandan
