Hackers With Ties to China Led Hundreds of Attacks Symantec Says

A professional team of hackers called Hidden Lynx has used network infrastructure in China to target hundreds of organizations worldwide since November 2011, computer security company Symantec Corp (SYMC) said in a report.

The group mostly targeted the financial services sector and is “breaking into some of the best-protected organizations in the world,” Symantec said in its Sept. 17 report.

The exposure adds further details about hacking groups with alleged ties to China, a country U.S. officials have said is behind cyber attacks to acquire technology. China has said it is a major target of hacking and has called for international regulations to address the issue.

“Much of the attack infrastructure and tools used during these campaigns originate from network infrastructure in China,” the report said.

The report found Chinese software was used during the construction of Trojans. It didn’t mention any links with the Chinese government.

In one campaign it found a popular Chinese application was used to install a Trojan, which infected victims’ computers in China, the U.S. and Hong Kong, Symantec said.

The group’s methods suggest that it may be a private organization of “hackers for hire” obtaining information “that could be used to gain competitive advantages at both a corporate and nation-state level,” the report said.

The group pioneered a technique in which Trojans were distributed via websites visited by targets, the report said. One such website was one that featured the history of New York.

Financial organizations, including investment banks and asset management companies, made up 24.6 percent of the group’s targets since November 2011, followed by education and government organizations, it said.

“Targeting this sector in such a concentrated fashion could provide invaluable information when negotiating large takeovers or trading shares on the stock exchange,” Symantec said.

The report detailed a July 2012 attack on the Waltham, Massachusetts-based security company Bit9 Inc. by Hidden Lynx, which used Trojans that made their way into the defense industrial sector, it said.

To contact Bloomberg News staff for this story: Henry Sanderson in Beijing at hsanderson@bloomberg.net

To contact the editor responsible for this story: Rosalind Mathieson at rmathieson3@bloomberg.net

Press spacebar to pause and continue. Press esc to stop.

Bloomberg reserves the right to remove comments but is under no obligation to do so, or to explain individual moderation decisions.

Please enable JavaScript to view the comments powered by Disqus.