According to researchers, Chinese hackers gained access to at least five European ministries in the run-up to the G20 summit last September.
The operation hinged on a phishing campaign that capitalized on the Syrian conflict, with the attackers sending malware-laden emails designed to infect the target’s computers and eavesdrop on communications.
“The theme of the attacks was U.S. military intervention in Syria. That seems to indicate something more than intellectual property theft…The intent was to target those involved with the G20,” said researcher Nart Villeneuve.
The researchers themselves had gained access in August for about one week to a server being used by the attackers, and were able to discern elements of the espionage operation before losing access when the attackers switched servers.
Chinese officials have of course denied any connection to the spying activity, and denounced the operation.
“U.S. internet companies are keen on hyping up the so-called hacker threat from China, but they never obtain irrefutable proof, and what so-called evidence they do get is widely doubted by experts. This is neither professional nor responsible,” said Chinese Foreign Ministry spokesman Hong Lei.
This is the second espionage operation discovered that is connected to the G20 summit held in St. Petersburg, Russia.
In October, it was revealed that commemorative gifts distributed by the Russian government meant to celebrate the G20 Summit were infected with data-stealing malware. The gifts, which included USB drives and phone chargers emblazoned with the G20 Summit logo, were distributed to world leaders at the event.
Categories: Top Security Stories