Google reports on government hackers operating during the pandemic, highlighting the rise of Chinese hacker groups and 'hackers for hire'



Google has released a report on attacks and government hacker operations that took place on the Internet around the world in the first half of 2020. In the report, Google highlighted the rise of Indian 'hackers for hire' who launched attacks taking advantage of the COVID-19 pandemic, as well as Chinese hacker groups aiming to interfere in politics and manipulate influence.

Updates about government-backed hacking and disinformation

https://blog.google/threat-analysis-group/updates-about-government-backed-hacking-and-disinformation

Below is a map of the regions targeted by government-sponsored phishing attacks in April 2020, released by Google's Threat Analytis Group (TAG). The darker the color, the more attacks there were, with many attacks confirmed in the United States and Southeast Asia.



In outlining the situation in the first half of 2020, TAG stated, 'We have received significant information about COVID-19-themed attacks. In particular, it is noteworthy that attacks against healthcare workers, including WHO personnel, have been ongoing.'

One of the most prominent attacks against healthcare organizations was carried out by a 'hack-for-hire' group based in India, which launched an aggressive phishing campaign targeting financial services and healthcare companies in a number of countries, including the United States, Slovenia, Canada, India, Bahrain, Cyprus, and the United Kingdom.

The lures used in the phishing attacks included emails disguised as WHO information about the latest developments in the new coronavirus, as well as fake websites disguised as the WHO's official website.



There was also a lot of activity aimed at influencing politics. According to TAG's announcement, since March 2020, over 1,000 YouTube channels have been removed for coordinated influence manipulation. Regarding the accounts that were removed, TAG said, 'Most of the removed channels uploaded spammy, non-political content, but a small number of channels posted political content, primarily in Chinese, as recently reported by social media analytics company Graphika.'

Graphika's report on the pro-China spam network is linked below.

Return of the (Spamouflage) Dragon

https://graphika.com/reports/return-of-the-spamouflage-dragon-1

In the report, Graphika pointed out that a group called 'Spamouflage Dragon' has been creating large amounts of political spam content, including content favorable to the Chinese government, and has used it to silence Hong Kong protesters and attack businessman Guo Wengui , who has made critical remarks about the Chinese government.


by Graphika

In addition, since the COVID-19 pandemic began to wreak havoc around the world, groups such as 'Spamouflage Dragon' have also been praising the Chinese government's response to the COVID-19 pandemic and spreading negative messages about people who criticize the Chinese government's response. According to an investigation by the British broadcasting station BBC, there were more than 1,200 accounts engaged in such activities on YouTube, Twitter, Facebook, and other platforms.

'Government-sponsored hacker groups carry out attacks for a variety of purposes, including to collect information and steal intellectual property , target dissidents, and conduct influence operations and disinformation campaigns. While our services, such as Gmail protection and Chrome Safe Browsing, are designed with robust security in mind, we will continue to devote significant resources to developing tools and technologies to identify, track and stop malicious activity,' TAG said.

in Security, Posted by log1l_ks