German intelligence on Wednesday said the hacker group APT 27 has started targeting German companies in sectors including pharmaceuticals and technology.
Officials say the acronym APT (Advanced Persistent Threat) 27 is an alias for a Chinese hacker group believed to target critical sectors and foreign embassies.
What are the claims?
Germany’s domestic intelligence agency, the Federal Office for the Protection of the Constitution (BfV), said APT 27 had used a malware variant to target commercial companies.
The BfV said the attackers had been exploiting vulnerabilities in commonly used software since March 2021 as a gateway for the attacks.
Intelligence chiefs said the hackers could also be trying to infiltrate customers’ and service providers’ networks.
The BfV did not release information such as the specific targets of the alleged hacking.
Who are the hackers?
The cyberespionage group APT 27 has been active since at least 2010, according to the BfV.
The BfV said in its constitutional protection report from 2019, that APT 27 was the alias for a group also known as “Emissary Panda.” The Chinese-based actor is said to target foreign embassies to collect information on government, defense and technology sectors.
Last year, the United States and its allies accused China of carrying out a global cyber-espionage campaign, an allegation that Beijing denies.
The Biden administration in July formally blamed China for a massive hack of Microsoft Exchange email server software. The White House said criminal hackers associated with the Chinese government had carried out ransomware attacks and other illicit activities.
Microsoft itself last year said a group operating from China reportedly tried to hack information from several US targets, including infectious-disease researchers, law firms, universities and non-governmental organizations.
Edited by: Mark Hallam