Home News Cloud Hopper hits several tech firms in Spyware attack

Cloud Hopper hits several tech firms in Spyware attack

Spyware

Security researchers stated that a global hacking campaign backed by China’s Ministry of State Security broke into various technology service providers to steal commercial secrets from their clients.

According to the Reuters investigation report, a group of Chinese cyberspies, known as Cloud Hopper, hacked eight of the world’s biggest technology service providers years ago. The attack exploited the vulnerabilities in those companies’ network systems, spied on their intellectual properties and their customers’ personal data.

The Reuters report revealed the compromised companies list that included Hewlett Packard Enterprise, IBM, Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation, and DXC Technology.

Apart from the service providers, the investigation also identified the victims who were clients of the service providers, which include Swedish telecoms giant Ericsson, U.S. Navy shipbuilder Huntington Ingalls Industries, and travel reservation system Sabre.

Reuters stated that it was unable to discover the full extent of the damage done by Cloud Hopper campaign and many of the victims are uncertain of exactly what information was stolen.

“While there have been attacks on our enterprise network, we have found no evidence in any of our extensive investigations that Ericsson’s infrastructure has ever been used as part of a successful attack on one of our customers,” Ericsson said in a statement.

But the Chinese government denied all the accusations of their involvement in the hacking campaign. “The Chinese government has never in any form participated in or supported any person to carry out the theft of commercial secrets,” The Chinese Foreign Ministry said in a statement.

Recently, the popular messaging app Telegram criticized the Chinese government after it suffered a DDoS (Distributed Denial of Service attack) attack that affected the users in the United States, Hong Kong, and in other countries. Telegram, well-known for its encryption, privacy, and self-destructive private messages, stated the users might have experienced connection issues due to the attack.

Telegram took to Twitter to notify its users. “We’re currently experiencing a powerful DDoS attack, Telegram users in the Americas and some users from other countries may experience connection issues,” Telegram said in a Twitter post. Describing the attack Telegram said, “A DDoS is a “Distributed Denial of Service attack”: your servers get GADZILLIONS of garbage requests which stop them from processing legitimate requests. Imagine that an army of lemmings just jumped the queue at McDonald’s in front of you – and each is ordering a whopper.”

Meanwhile, the Telegram founder Pavel Durov stated the Chinese government may have been behind the DDoS attack. Durov described the incident as a “state actor-sized DDoS” which came mainly from IP addresses located in China. The attack coincided with the ongoing protests in Hong Kong, where people are using Telegram to avoid detection while coordinating their protests.