News / Science & Technology

    Researcher: Chinese Hackers Spied on Europeans Before G20 Meeting

    Russia's President Vladimir Putin speaks during a media conference after a G20 summit in St. Petersburg, Russia on Sept. 6, 2013.
    Russia's President Vladimir Putin speaks during a media conference after a G20 summit in St. Petersburg, Russia on Sept. 6, 2013.
    Reuters
    Chinese hackers eavesdropped on the computers of five European foreign ministries before last September's G20 Summit, which was dominated by the Syrian crisis, according to research by computer security firm FireEye.
     
    The hackers infiltrated the ministries' computer networks by sending emails to staff containing tainted files with titles such as “UStmilitarytoptionstintSyria,” said FireEye, which sells virus fighting technology to companies.
     
    When recipients opened these documents, they loaded malicious code on to their personal computers.
     
    For about a week in late August, California-based FireEye said its researchers were able to monitor the “inner workings” of the main computer server used by the hackers to conduct their reconnaissance and move across compromised systems.
     
    FireEye lost access to the hackers after they moved to another server shortly before the G20 Summit in St. Petersburg, Russia. FireEye said it believes the hackers were preparing to start stealing data just as the researchers lost access.
     
    The U.S. company declined to identify the nations whose ministries were hacked, although it said they were all members of the European Union. FireEye said it reported the attacks to the victims through the Federal Bureau of Investigation.
     
    A spokeswoman for the FBI, Jenny Shearer, declined to comment.
     
    “The theme of the attacks was U.S. military intervention in Syria,” said FireEye researcher Nart Villeneuve, one of six researchers who prepared the report. “That seems to indicate something more than intellectual property theft... The intent was to target those involved with the G20.”
     
    The Sept. 5-6 G20 summit was dominated by discussion of the Syrian crisis, with some European leaders putting pressure on U.S. President Barack Obama to hold off on taking military action against Syrian President Bashar al-Assad.
     
    Villeneuve said he was confident that the hackers were from China based on a variety of technical evidence, including the language used on their control server and the machines that they used to test their malicious code.
     
    However, Villeneuve also admitted that he did not have any hard evidence that linked the hackers to the Chinese government. “All we have is technical data,” Villeneuve said, stressing the impossibility of coming to an absolute conclusion on technical data alone.
     
    Chinese Foreign Ministry spokesman Hong Lei said China opposed any hacking activities.
     
    “U.S. internet companies are keen on hyping up the so-called hacker threat from China, but they never obtain irrefutable proof, and what so-called evidence they do get is widely doubted by experts. This is neither professional nor responsible,” Hong told a daily news briefing in Beijing.
     
    One of Dozens
     
    Western cybersecurity firms monitor several dozen hacking groups operating in China, most of which they suspect of having ties to the government. The firms also suspect the hacking groups of stealing intellectual property for commercial gain.
     
    China has long denied those allegations, saying it is the victim of spying by the United States. Those claims gained some credibility after former National Security Agency contractor Edward Snowden began leaking documents about U.S. surveillance of foreign countries, including China.
     
    FireEye said it had been following the hackers behind the Syria-related attack for several years, but this is the first time the group's activities have been publicly documented. The company calls the group “Ke3chang,” after the name of one of the files it uses in one of its pieces of malicious software.
     
    FireEye said it believed the hackers dubbed the Syria-related campaign “moviestar” because that phrase was used as a tag on communications between infected computers and the hackers' command-and-control server.
     
    In 2011, the group ran another operation dubbed “snake”, which enticed victims with a file that FireEye said contained nude pictures of Carla Bruni, the Italian-French singer, songwriter and model who in 2008 married then French President Nicolas Sarkozy.
     
    The host name for that campaign's command-and-control server contained the string “g20news”, which might indicate that it was related to the G20 Finance Ministers meeting in Paris in 2011, FireEye said.
     
    The email address used to send those malicious files had the phrase “consulate” in it, which also bolstered the possibility that the attack was politically motivated, Villeneuve said.
     
    He said researchers only gathered evidence about “snake” through reviewing emails and malicious code. They did not have access to its command-and-control server, which they did in the case of the “moviestar” attack.

    You May Like

    Video Rubio Looks to Surge in New Hampshire

    Republican presidential candidate has moved into second place in several recent surveys and appears to be gaining ground on longtime frontrunner Donald Trump

    UN Calls for Global Ban on Female Genital Mutilation

    Recent UNICEF report finds at least 200 million girls and women alive today have undergone female genital mutilation in 30 countries

    UN Pilots New Peace Approach in CAR

    Approach launched in northern town of Kaga Bandoro, where former combatants of mainly Muslim Seleka armed group and Christian and animist anti-Balaka movement are being paid to do community work

    Featured Videos

    Your JavaScript is turned off or you have an old version of Adobe's Flash Player. Get the latest Flash player.
    German Artists to Memorialize Refugees With Life Jacket Exhibiti
    X
    Hamada Elsaram
    February 05, 2016 4:30 PM
    Sold in every kind of shop in some Turkish port towns, life jackets have become a symbol of the refugee crisis that brought a million people to Europe in 2015.  On the shores of Lesbos, Greece, German artists collect discarded life jackets as they prepare an art installation they plan to display in Germany.  For VOA, Hamada Elrasam has this report from Lesbos, Greece.
    Video

    Video German Artists to Memorialize Refugees With Life Jacket Exhibit

    Sold in every kind of shop in some Turkish port towns, life jackets have become a symbol of the refugee crisis that brought a million people to Europe in 2015.  On the shores of Lesbos, Greece, German artists collect discarded life jackets as they prepare an art installation they plan to display in Germany.  For VOA, Hamada Elrasam has this report from Lesbos, Greece.
    Video

    Video E-readers Help Ease Africa's Book Shortage

    Millions of people in Africa can't read, and there's a chronic shortage of books. A non-profit organization called Worldreader is trying to help change all that one e-reader at a time. VOA’s Deborah Block tells us about a girls' school in Nairobi, Kenya where Worldreader is making a difference.
    Video

    Video Genius Lets World Share Its Knowledge

    Inspired by crowdsourcing companies like Wikipedia, Genius allows anyone to edit anything on the web, using its web annotation tool
    Video

    Video Former Drug CEO Martin Shkreli Angers US Lawmakers

    A former U.S. pharmaceutical business executive has angered lawmakers by refusing to explain why he raised the price of a life-saving pill by 5,000 percent. Martin Shkreli was removed from a congressional hearing on Thursday after citing his Fifth Amendment right to stay silent. Zlatica Hoke has more.
    Video

    Video Super Bowl TV Commercials are Super Business for Advertisers

    The Super Bowl, the championship clash between the two top teams in American Football, is the most-watched sporting event of the year, and advertisers are lining up and paying big bucks to get their commercials on the air. In fact, the TV commercials during the Super Bowl have become one of the most anticipated and popular features of the event. VOA's Brian Allen has a sneak peek of what you can expect to see when the big game goes to commercial break, and the real entertainment begins.
    Video

    Video In Philippines, Mixed Feelings About Greater US Military Presence

    In the Philippines, some who will be directly affected by a recent Supreme Court decision clearing the way for more United States troop visits are having mixed reactions.  The increased rotations come at a time when the Philippines is trying to build up its military in the face of growing maritime assertiveness from China.  From Bahile, Palawan on the coast of the South China Sea, Simone Orendain has this story.
    Video

    Video Microcephaly's Connection to Zika: Guilty Until Proven Innocent

    The Zika virus rarely causes problems for the people who get it, but it seems to be having a devastating impact on babies whose mothers are infected with Zika. VOA's Carol Pearson has more.
    Video

    Video Solar Innovation Provides Cheap, Clean Energy to Kenya Residents

    In Kenya, a company called M-Kopa Solar is providing clean energy to more than 300,000 homes across East Africa by allowing customers to "pay-as-you-go" via their cell phones. As Lenny Ruvaga reports from Kangemi, customers pay a small deposit for a solar unit and then pay less than a dollar a day to get clean energy to light up their homes or businesses.
    Video

    Video Stunning Artworks Attract Record Crowds, Thanks to Social Media

    A new exhibit at the oldest art museum in America is shattering attendance records. Thousands of visitors are lining up to see nine giant works of art that have gotten a much-deserved shot of viral marketing. The 150-year-old Smithsonian American Art Museum has never had a response quite like this. VOA's Julie Taboh reports.
    Video

    Video Apprenticeships Put Americans on Path Back to Work

    Trying to get more people into the U.S. workforce, the Obama administration last year announced $175 million in grants towards apprenticeship programs. VOA White House correspondent Aru Pande went inside one training center outside of Washington that has gained national recognition for helping put people on the path to employment.
    Video

    Video New Material May Reduce Concussion Effects

    As the 2016 National Football League season reaches its summit at the Super Bowl this coming Sunday (2/7), scientists are trying to learn how to more effectively protect football players from dangerous and damaging concussions. Researchers at Cardiff and Cambridge Universities say their origami-based material may solve the problem. VOA’s George Putic reports.
    Video

    Video Saudi Arabian Women's Sports Chip Away at Stereotypes

    Saudi Arabian female athletes say that sports are on the front line of busting traditions that quash women’s voices, both locally and internationally. In their hometown of Jeddah, a group of basketball players say that by connecting sports to health issues, they are encouraging women and girls to get out of their homes and participate in public life. VOA’s Heather Murdock reports.
    Video

    Video A Year Later, Fortunes Mixed for Syrians Forging New Lives in Berlin

    In April of last year, VOA followed the progress of six young Syrian refugees -- four brothers and their two friends -- as they made their way from Libya to Italy by boat, and eventually to Germany. Reporter Henry Ridgwell caught up with the refugees again in Berlin, as they struggle to forge new lives amid the turmoil of Europe's refugee crisis.
    Video

    Video Zika Virus May be Hard to Stop

    With the Zika virus spreading rapidly, the World Health Organization Monday declared Zika a global health emergency. As Alberto Pimienta reports, for many governments and experts, the worst is yet to come.