Article 5BHW5 Facebook says hackers backed by Vietnam’s government are linked to IT firm

Facebook says hackers backed by Vietnam’s government are linked to IT firm

by
Dan Goodin
from Ars Technica - All content on (#5BHW5)
GettyImages-981636794-800x533.jpg

Enlarge (credit: Lino Mirgeler/picture alliance via Getty Images)

Facebook said it has linked an advanced hacking group widely believed to be sponsored by the government of Vietnam to what's purported to be a legitimate IT company in that country.

The so-called advanced persistent threat group goes under the monikers APT32 and OceanLotus. It has been operating since at least 2014 and targets private sector companies in a range of industries along with foreign governments, dissidents, and journalists in South Asia and elsewhere. It uses a variety of tactics, including phishing, to infect targets with fully featured desktop and mobile malware that's developed from scratch. To win targets' confidence, the group goes to great lengths to create websites and online personas that masquerade as legitimate people and organizations.

Earlier this year, researchers uncovered at least eight unusually sophisticated Android apps hosted in Google Play that were linked to the hacking group. Many of them had been there since at least 2018. OceanLotus repeatedly bypassed Google's app-vetting process, in part by submitting benign versions of the apps and later updating them to add backdoors and other malicious functionality.

Read 9 remaining paragraphs | Comments

index?i=znWw8LsMios:OIz1Wlj7MTg:V_sGLiPB index?i=znWw8LsMios:OIz1Wlj7MTg:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments