News / Science & Technology

    Researcher: Chinese Hackers Spied on Europeans Before G20 Meeting

    Russia's President Vladimir Putin speaks during a media conference after a G20 summit in St. Petersburg, Russia on Sept. 6, 2013.
    Russia's President Vladimir Putin speaks during a media conference after a G20 summit in St. Petersburg, Russia on Sept. 6, 2013.
    Reuters
    Chinese hackers eavesdropped on the computers of five European foreign ministries before last September's G20 Summit, which was dominated by the Syrian crisis, according to research by computer security firm FireEye.
     
    The hackers infiltrated the ministries' computer networks by sending emails to staff containing tainted files with titles such as “UStmilitarytoptionstintSyria,” said FireEye, which sells virus fighting technology to companies.
     
    When recipients opened these documents, they loaded malicious code on to their personal computers.
     
    For about a week in late August, California-based FireEye said its researchers were able to monitor the “inner workings” of the main computer server used by the hackers to conduct their reconnaissance and move across compromised systems.
     
    FireEye lost access to the hackers after they moved to another server shortly before the G20 Summit in St. Petersburg, Russia. FireEye said it believes the hackers were preparing to start stealing data just as the researchers lost access.
     
    The U.S. company declined to identify the nations whose ministries were hacked, although it said they were all members of the European Union. FireEye said it reported the attacks to the victims through the Federal Bureau of Investigation.
     
    A spokeswoman for the FBI, Jenny Shearer, declined to comment.
     
    “The theme of the attacks was U.S. military intervention in Syria,” said FireEye researcher Nart Villeneuve, one of six researchers who prepared the report. “That seems to indicate something more than intellectual property theft... The intent was to target those involved with the G20.”
     
    The Sept. 5-6 G20 summit was dominated by discussion of the Syrian crisis, with some European leaders putting pressure on U.S. President Barack Obama to hold off on taking military action against Syrian President Bashar al-Assad.
     
    Villeneuve said he was confident that the hackers were from China based on a variety of technical evidence, including the language used on their control server and the machines that they used to test their malicious code.
     
    However, Villeneuve also admitted that he did not have any hard evidence that linked the hackers to the Chinese government. “All we have is technical data,” Villeneuve said, stressing the impossibility of coming to an absolute conclusion on technical data alone.
     
    Chinese Foreign Ministry spokesman Hong Lei said China opposed any hacking activities.
     
    “U.S. internet companies are keen on hyping up the so-called hacker threat from China, but they never obtain irrefutable proof, and what so-called evidence they do get is widely doubted by experts. This is neither professional nor responsible,” Hong told a daily news briefing in Beijing.
     
    One of Dozens
     
    Western cybersecurity firms monitor several dozen hacking groups operating in China, most of which they suspect of having ties to the government. The firms also suspect the hacking groups of stealing intellectual property for commercial gain.
     
    China has long denied those allegations, saying it is the victim of spying by the United States. Those claims gained some credibility after former National Security Agency contractor Edward Snowden began leaking documents about U.S. surveillance of foreign countries, including China.
     
    FireEye said it had been following the hackers behind the Syria-related attack for several years, but this is the first time the group's activities have been publicly documented. The company calls the group “Ke3chang,” after the name of one of the files it uses in one of its pieces of malicious software.
     
    FireEye said it believed the hackers dubbed the Syria-related campaign “moviestar” because that phrase was used as a tag on communications between infected computers and the hackers' command-and-control server.
     
    In 2011, the group ran another operation dubbed “snake”, which enticed victims with a file that FireEye said contained nude pictures of Carla Bruni, the Italian-French singer, songwriter and model who in 2008 married then French President Nicolas Sarkozy.
     
    The host name for that campaign's command-and-control server contained the string “g20news”, which might indicate that it was related to the G20 Finance Ministers meeting in Paris in 2011, FireEye said.
     
    The email address used to send those malicious files had the phrase “consulate” in it, which also bolstered the possibility that the attack was politically motivated, Villeneuve said.
     
    He said researchers only gathered evidence about “snake” through reviewing emails and malicious code. They did not have access to its command-and-control server, which they did in the case of the “moviestar” attack.

    You May Like

    Russian-Backed Offensive in Syria Pushes War to Tipping Point

    As threat to Aleppo and rebel forces grows, US plan to negotiate becomes less and less appealing for Syrian government, says one military analyst

    IS Runs Timber Smuggling Business in Afghanistan, Officials Say

    Government turning blind eye to smuggling, according to tribal leaders; Afghanistan's forest cover dropped by 50 percent in three decades, experts say

    Video White House Seeks $1.8 Billion to Combat Zika

    Obama administration says funding would 'support essential strategies to combat the virus' such as rapidly expanding mosquito control programs, accelerating vaccine research

    Featured Videos

    Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
    'No Means No' Program Targets Sexual Violence in Kenyai
    X
    February 08, 2016 4:30 PM
    The organizers of an initiative to reduce and stop rape in the informal settlements around Kenya's capital say their program is having marked success. Girls are taking self-defense classes while the boys are learning how to protect the girls and respect them. Lenny Ruvaga reports from Nairobi.
    Video

    Video 'No Means No' Program Targets Sexual Violence in Kenya

    The organizers of an initiative to reduce and stop rape in the informal settlements around Kenya's capital say their program is having marked success. Girls are taking self-defense classes while the boys are learning how to protect the girls and respect them. Lenny Ruvaga reports from Nairobi.
    Video

    Video New Hampshire Voters Are Independent, Mindful of History

    Once every four years, the northeastern state of New Hampshire becomes the center of the U.S. political universe with its first-in-the-nation presidential primary. What's unusual about New Hampshire is how seriously the voters take their role and the responsibility of being among the first to weigh in on the candidates.
    Video

    Video Chocolate Lovers Get a Sweet History Lesson

    Observed in many countries around the world, Valentine’s Day is sometimes celebrated with chocolate festivals. But at a festival near Washington, the visitors experience a bit more than a sugar rush. They go on a sweet journey through history. VOA’s June Soh takes us to the festival.
    Video

    Video 'Smart' Bandages Could Heal Wounds More Quickly

    Simple bandages are usually seen as the first line of attack in healing small to moderate wounds and burns. But scientists say new synthetic materials with embedded microsensors could turn bandages into a much more valuable tool for emergency physicians. VOA’s George Putic reports.
    Video

    Video Bhutanese Refugees in New Hampshire Closely Watching Primary Election

    They fled their country and lived in refugee camps in neighboring Nepal for decades before being resettled in the northeastern U.S. state of New Hampshire -- now the focus of the U.S. presidential contest. VOA correspondent Aru Pande spoke with members of the Bhutanese community, including new American citizens, about the campaign and the strong anti-immigrant rhetoric of some of the candidates.
    Video

    Video Researchers Use 3-D Printer to Produce Transplantable Body Parts

    Human organ transplants have become fairly common around the world in the past few decades. Researchers at various universities are coordinating their efforts to find solutions -- including teams at the University of Pennsylvania and Rice University in Houston that are experimenting with a 3-D printer -- to make blood vessels and other structures for implant. As VOA’s Greg Flakus reports from Houston, they are also using these artificial body parts to seek ways of defeating cancerous tumors.
    Video

    Video Helping the Blind 'See' Great Art

    There are 285 million blind and visually impaired people in the world who are unable to enjoy visual art at a museum. One New York photographer is trying to fix this situation by making tangible copies of the world’s masterpieces. VOA correspondent Victoria Kupchinetsky was there as visually impaired people got a feel for great art. Joy Wagner narrates her report.
    Video

    Video Sanders, Clinton Battle for Young Democratic Vote

    Despite a narrow loss to former Secretary of State Hillary Clinton in last week's Iowa Democratic caucuses, Vermont Senator Bernie Sanders secured more than 80 percent of the vote among those between the ages of 18 and 29. VOA correspondent Aru Pande talks to Democrats in New Hampshire about who they are leaning towards and why in this week's primary.
    Video

    Video German Artists to Memorialize Refugees With Life Jacket Exhibit

    Sold in every kind of shop in some Turkish port towns, life jackets have become a symbol of the refugee crisis that brought a million people to Europe in 2015.  On the shores of Lesbos, Greece, German artists collect discarded life jackets as they prepare an art installation they plan to display in Germany.  For VOA, Hamada Elrasam has this report from Lesbos, Greece.
    Video

    Video E-readers Help Ease Africa's Book Shortage

    Millions of people in Africa can't read, and there's a chronic shortage of books. A non-profit organization called Worldreader is trying to help change all that one e-reader at a time. VOA’s Deborah Block tells us about a girls' school in Nairobi, Kenya where Worldreader is making a difference.
    Video

    Video Genius Lets World Share Its Knowledge

    Inspired by crowdsourcing companies like Wikipedia, Genius allows anyone to edit anything on the web, using its web annotation tool
    Video

    Video In Philippines, Mixed Feelings About Greater US Military Presence

    In the Philippines, some who will be directly affected by a recent Supreme Court decision clearing the way for more United States troop visits are having mixed reactions.  The increased rotations come at a time when the Philippines is trying to build up its military in the face of growing maritime assertiveness from China.  From Bahile, Palawan on the coast of the South China Sea, Simone Orendain has this story.
    Video

    Video Microcephaly's Connection to Zika: Guilty Until Proven Innocent

    The Zika virus rarely causes problems for the people who get it, but it seems to be having a devastating impact on babies whose mothers are infected with Zika. VOA's Carol Pearson has more.
    Video

    Video Stunning Artworks Attract Record Crowds, Thanks to Social Media

    A new exhibit at the oldest art museum in America is shattering attendance records. Thousands of visitors are lining up to see nine giant works of art that have gotten a much-deserved shot of viral marketing. The 150-year-old Smithsonian American Art Museum has never had a response quite like this. VOA's Julie Taboh reports.