TAIPEI (Taiwan News) — U.S. cybersecurity firm FireEye issued an alert Wednesday (March 25) over a spike in cyberspying conducted by a suspected China-nexus cyberespionage actor since January in one of the most widespread campaigns seen from such groups in recent years.
Hacking group “APT41” ramped up activity between Jan. 20 and March 11, which coincided with the wild spread of the coronavirus. Countries targeted spanned Australia, Canada, Denmark, Finland, France, India, Italy, Japan, Malaysia, Mexico, Philippines, Poland, Qatar, Saudi Arabia, Singapore, Sweden, Switzerland, the United Arab Emirates, the U.K., and the U.S, according to the report.
More than 75 of the company's clients reportedly fell victim to the malicious campaign. They were comprised of a broad spectrum of the public and private sectors, including banking, defense, healthcare, media, telecommunications, transportation, travel, manufacturing, pharmaceuticals, petrochemicals, and utilities.
APT41 is believed to have exploited vulnerabilities found in software developed by Citrix and Cisco, among others. The two companies said they have fixed these flaws and are working with FireEye to identify “potential compromises,” reported Reuters.
FireEye Security Architect Christopher Glyer suggested the surge in hacking activity could be associated with rising tensions between China and the U.S. amid multiple disputes, including trade and the recent Wuhan virus (COVID-19).