Report: State-Sponsored Chinese Hacking Group Attacks Crypto Companies

A Chinese espionage operator is attacking crypto companies amid state-sponsored campaigns, according to a FireEye Threat Intelligence report published August 2.

The intelligence firm “assesses with high confidence” that APT41, a hacking collective, has moved on from financially motivated attacks on video game firms to working alongside the Chinese government.

Purportedly, the hacker group “targets industries in a manner generally aligned with China’s Five-Year economic development plans.” 

In addition to targeted attacks on fintech, healthcare, telecoms, and film and media firms, evidence suggests APT41 has intruded into and phished several companies working within the crypto industry.

In June 2018, APT41 sent game studios spear-phishing emails that urged targets to join a cryptocurrency-denominated decentralized gaming platform.

At the same time, a crypto exchange was targeted from the same email address, purportedly operated by one Tom Giardino.

Moreover, in at least one instance, the hacking group sent malicious code that drops a Monero mining bot onto a target’s computer, which is becoming an increasingly common form of cyber extortion.