Suspected state hackers stole military data from Asian countries, Singapore cybersecurity report finds
- Newly identified ‘Dark Pink’ ‘group used phishing and malware to hack into the Philippines, Malaysia, Cambodia and Indonesia government and military agencies
- Also targeted were a non-profit, a religious organisation, and a European state development agency based in Vietnam, Singapore-based cybersecurity firm said
A hacking campaign suspected to be linked to an Asian government breached seven high-profile targets in Southeast Asia and Europe, including government and military agencies, according to the cybersecurity firm Group-IB.
The newly identified hacker group, dubbed Dark Pink, used phishing emails and advanced malware to compromise the defences of military branches in the Philippines and Malaysia, as well as government organisations in Cambodia, Indonesia, and Bosnia-Herzegovina, from September to December last year.
Also targeted were a non-profit, a religious organisation, and a European state development agency based in Vietnam, Singapore-based Group-IB said in a report published Wednesday.
The relevant government and military agencies in those countries didn’t immediately respond to emailed requests for comment.
“Dark Pink’s activity is significant, as it is clear that they attempted to steal documentation from compromised networks to find sensitive information”, said Andrey Polovinkin, a malware analyst at Group-IB. “Taking into account the group’s modus operandi, its target list that includes mainly government and military bodies, as well as their sophisticated toolset, Dark Pink is most likely a previously undocumented nation-state espionage campaign”.
The cyberattacks that likely originated from the Asia-Pacific region were aimed at corporate espionage, including by stealing documents and recording audio from targeted devices, according to Group-IB.