Suspected State Hackers Stole Military Data From Asian Countries

(Bloomberg) -- A hacking campaign suspected to be linked to an Asian government breached seven high-profile targets in Southeast Asia and Europe, including government and military agencies, according to the cybersecurity firm Group-IB.

Most Read from Bloomberg

US Safety Agency to Consider Ban on Gas Stoves Amid Health Fears

Rental Housing Is Suddenly Headed Toward a Hard Landing

Brady, Gisele, Patriots' Bob Kraft Among FTX Shareholders Facing Wipeout

Apple to Begin Making In-House Screens in 2024 in Shift Away From Samsung

Microsoft Considers $10 Billion Investment in ChatGPT Creator

The newly identified hacker group, dubbed Dark Pink, used phishing emails and advanced malware to compromise the defenses of military branches in the Philippines and Malaysia, as well as government organizations in Cambodia, Indonesia, and Bosnia-Herzegovina, from September to December last year. Also targeted were a non-profit, a religious organization, and a European state development agency based in Vietnam, Singapore-based Group-IB said in a report published Wednesday.

The relevant government and military agencies in those countries didn't immediately respond to emailed requests for comment.

'Dark Pink's activity is significant, as it is clear that they attempted to steal documentation from compromised networks in order to find sensitive information,' said Andrey Polovinkin, a malware analyst at Group-IB. 'Taking into account the group's modus operandi, its target list that includes mainly government and military bodies, as well as their sophisticated toolset, Dark Pink is most likely a previously undocumented nation-state espionage campaign.'

The cyberattacks that likely originated from the Asia-Pacific region were aimed at corporate espionage, including by stealing documents and recording audio from targeted devices, according to Group-IB. The hackers sent their targets emails containing a website link that could be used to download a malicious file, which would then steal personal information from the infected devices including passwords, browser history, and data from social apps like Viber and Telegram.

Chinese researchers from the Zhejiang-based firm DAS-Security also published a report on WeChat last Friday on the hackers, which it named Saaiwc Group. It said the group had targeted a Vietnamese leadership initiative run by the US State Department, the Philippines military, and Cambodia's ministry of economy and finance in May, October, and November respectively.

Government and military organizations are frequently prime targets for hackers, given the confidential and sensitive data on their networks, and email continues to be one of the common breach methods. Asia became the region most targeted by cyberattacks, according to IBM Security's threat intelligence index last year, receiving one in four recorded attacks.

Most Read from Bloomberg Businessweek

America's Aggressive Chip Strategy Forces China Into a Corner

The Great American EV Battery Revolution Might Finally Be Here

Poland's Election Provides a Path Out of EU Isolation

Google and Meta Are Losing Their Grip on the Digital Ad Market

Death of Easy Money Creates Financial Upheaval Around the Globe

__LINK__P.