Hurricane Al -Nahhas: The Chinese piracy collection is waiting for the shadows

As China continues to digital maneuver around the world, researchers warn that penetration activity from long -track groups is developing and mixing together. Moreover, the attackers are hiding their campaigns more effectively and adoring the lines between the Internet criminals and the state -backed piracy.

Last year, She shook the revelation The United States government, the Chinese piracy group known as “Solt Tefv” has violated at least nine major American contacts. And the group Even the agitation continued this year In the United States and other countries around the world. Meanwhile, the piracy group associated with Beijing “Volt Hurricane” continued to It lies in the critical infrastructure in the United States And facilities all over the world. Meanwhile, the multi -use union known as the copper hurricane – also called APT 41 or Barium – was working in the shade.

The group, which is followed by researchers since 2012, continued to calmly Extensive targeting All over the world during the past year. Typhoon copper a wide network, prompting researchers to see it as a kind of widespread coalition that attacked everything from a American livestock application to Source code and chips designs From the semiconductor industry in Taiwan and Even energy networks. Over the past year, the group was at risk international institutions in the sectors of technology, cars, materials, shipping, logistical services, media and more, using New and repeated harmful programs In a group of Sustainable campaigns.

“They are still completely active and are still developing,” says John Holtachetist, who leads the threats of the Google Cyber ​​Security Company. “But it is difficult to attribute some of this activity than it was in the past, because it is part of a much larger ecosystem for China’s activity that was deliberately built to create a huge amount of ability.”

Hurricane of copper is known as its existence A prominent series carried out From software Supply chain attacks In late 2010 and for the sake Attacks At the same time as the group targeted the call record data specifically. The gang is also It is known for its hybrid activityThe breakthroughs that are in line with the Chinese espionage carried out by the state by the Chinese Ministry of Security for State Security, but also the apparently taught of criminal projects, which are particularly focused on video game and fraud in work in the game.

Research indicates that the copper hurricane has continued to activity in recent months with financial crimes Targeting gambling online Platforms as well as spy Supporting manufacturing And energy companies. Its continuous activity works in parallel with the SALT and Volt Typhoon campaigns that attract attention, and the analysis is increasingly showing that the state -backed piracy operations in China must be viewed comprehensively, not only in terms of individual actors.

“I think we should not go down the rabbit hole, is it salt? Is it linen? Is it a volt?” Jane Estrely, former director of the Cyber ​​Security Agency for Security and Infrastructure, told WIRED in her recent days in this role in January, referring to a group of piracy groups associated with Beijing. “At the end of the day, China, as we have seen in the assessments of the intelligence community, is the most enormous and continuous e -threat that we deal with.”

Hultquist agrees, while emphasizing that while tracking the activity of individual groups is still vital, it is increasingly important for defenders to treat the advantages of state spy and offensive penetrations of widespread cooperation.

He says: “There was a time when there were very simple indicators that told us who was every actor, and they were working in an incredibly loud loudly, so it was easy to discover the nature that broke it and activity activity.” “APT 41 is still doing some tumultuous activity, but many of its activities are now better and have made an effort to really avoid our controls.”

Ultimately, though, researchers say the most important fast food on the current Brass Typhoon activity is that they continue to demand.