China Based Espionage Group Putter Panda Revealed to be Behind Recent US Cyberspace Attack
US security researchers have uncovered the cyber espionage group behind the recent cyberspace attack that targeted various energy and manufacturing sector companies in the United States.
According to a report by researchers at Crowdstrike (a security company that focuses on helping governments protect secrets from cyber espionage), the Shanghai based cyber espionage group, Putter Panda, with likely links to the Chinese People's Liberation Army (PLA) 3rd department 12th bureau, has been involved in various intelligence gathering activities in the United States.
Using cyber espionage tactics the group targeted various governmental sectors and sub-sectors specifically aerospace, space and communications.
The group is estimated to have begun cyber espionage operations in 2007. However, the guys at Crowdstrike state that they have monitored Putter Panda only since 2012.
"They focus their exploits against popular productivity applications such as Adobe Reader and Microsoft Office to deploy custom malware through targeted email attacks", said Crowdstrike.
Crowdstrike's latest report comes after the US government recently charged various Chinese governmental officials with cyber spying on intelligence secrets in the United States.
A PLA member, suspected to be responsible for procuring domains linked to Putter Panda's intelligence gathering operations, has been identified as Chen Ping aka cpyy in the Crowdstrike report.
Cpyy adopted bizarre names and monikers, and is said to have assigned 'jobs' to members of multiple hacking forums, according to The Register.
Putter Panda is also said to have used Remote Access Trojans termed pngdownloader and httpclient, along with malware to attack target systems.
The intelligence team at Crowdstrike base the findings in their latest report on multiple adversary operation analysis. These operations were analysed based on reverse engineering, intelligence analysis and by relying on multiple cultural and linguistic specialists.
Crowdstrike states that it actively tracks more than 70 threat actors, some much more advanced than the Putter Panda group.
China has vehemently denied the cyber espionage charges levelled by the United States, and in fact accused the US government of carrying out online attacks on various companies in China.
© Copyright IBTimes 2024. All rights reserved.