Suspected Chinese hackers target US research organization in latest spying spree

CNN —

Suspected Chinese hackers used two previously undiscovered software flaws to break into a US-based research organization last month as part of a persistent spying campaign aimed at collecting intelligence in China’s interests, researchers said Wednesday.

The hackers used the flaws — which are coveted by spy agencies because they aren’t known to the software vendor — to “gain unfettered access” to the unnamed victim organization, US cybersecurity firm Volexity said in a blog post.

The victim organization does research on geopolitics, including China issues, and regularly draws attention from state-backed hackers, according to Volexity. “It’s aligned with espionage that we’ve seen from Chinese [hackers] in the past,” Volexity co-founder Sean Koessel told CNN.

For US officials and forensic experts, it’s the latest example of China’s voracious appetite for intelligence derived from hacking. US officials say China is the most prolific and pervasive digital adversary facing the United States. FBI Director Christopher Wray has said that China’s hacking teams outnumber the FBI’s cyber agents 50 to 1.

Beijing routinely rejects allegations of hacking while accusing the US of conducting its own cyberattacks. Liu Pengyu, spokesman for the Chinese Embassy in Washington, DC, said he was unaware of the details of incident.

“We firmly oppose and combat cyber attacks of any kind,” he said in a statement.

Volexity said it alerted the federal Cybersecurity and Infrastructure Security Agency to the activity. The agency did not immediately respond to a request for comment.

While the software exploits were used to precisely target the US victim organization, the concern now is that the exploit code could leak publicly,