Slashdot Mirror


Security Companies Team Up, Take Down Chinese Hacking Group

daten writes: A coalition of security companies has hit a sophisticated hacking group in China with a heavy blow. The effort is detailed in a report released today by Novetta. The coalition, which calls itself Operation SMN, detected and cleaned up malicious code on 43,000 computers worldwide that were targeted by Axiom, an incredibly sophisticated organization that has been stealing intellectual property for more than six years. The group united as part of Microsoft's Coordinated Malware Eradication (CME) campaign against Hikit (a.k.a. Hikiti), the custom malware often used by Axiom to burrow into organizations, exfiltrate data, and evade detection, sometimes for years.

15 of 63 comments

  1. liar by iggymanz · · Score: 3, Informative

    removing malware isn't "taking down" a hacking group; that's just what a victim does

  2. Re:6 years of hacking with the same malware? by TechyImmigrant · · Score: 3, Insightful

    A sane hacking group would just use the existing hack until it fails, while keeping the new tricks in reserve. Expect more, better hacks from the hackers. They've had a while to work on them.

    --
    I should use this sig to advertise my book ISBN-13 : 978-1501515132.
  3. Re:6 years of hacking with the same malware? by SeaFox · · Score: 4, Insightful

    Any hacker group that relies on the same malware code on their hacking, for 6 years straight, deserves no respect

    Aren't they just being efficient? If it ain't broke, don't fix it.

  4. Chinese government complicity by Ritz_Just_Ritz · · Score: 3, Insightful

    Why don't they come out and call a spade a spade... the Chinese government aids, at worst, or allows, at best, this activity. Ask anyone who has spent any time living in China. It's pretty difficult to do anything that they don't like, and if and when you do manage to circumvent the rules, it's only because you're greasing the palms of someone inside the government. "Hacking group".....riiiiiiiiiight. (rolling eyes)

    1. Re:Chinese government complicity by LessThanObvious · · Score: 2

      Well, 5 mod points and a dozen donuts for anyone with a solution. It's a bad situation considering that the U.S. and China depend on each other for business and economic reasons, yet we treat each other like adversaries. The Chinese government hasn't given much historical respect to the concerns of intellectual property. When it comes to bringing hard consequences to malicious hackers in their borders, they offer us zero cooperation in cases like this. So WTF do we do?

    2. Re:Chinese government complicity by msobkow · · Score: 2

      Yeah, in the US, the FBI does it officially. Or did you miss the news about that fake newspaper site they put up?

      --
      I do not fail; I succeed at finding out what does not work.
    3. Re:Chinese government complicity by Registered+Coward+v2 · · Score: 4, Interesting

      Well, 5 mod points and a dozen donuts for anyone with a solution. It's a bad situation considering that the U.S. and China depend on each other for business and economic reasons, yet we treat each other like adversaries. The Chinese government hasn't given much historical respect to the concerns of intellectual property. When it comes to bringing hard consequences to malicious hackers in their borders, they offer us zero cooperation in cases like this. So WTF do we do?

      Use it to supply bad information. Bogus code, code that fails at critical times, misinformation about deals, bargaining positions, etc. Use it as a vector to infect computers with destructive viruses that destroy data, open up their machines for penetration, or cause control systems to fail. In short, turn the malware into a double agent.

      --
      I'm a consultant - I convert gibberish into cash-flow.
    4. Re:Chinese government complicity by Paradise+Pete · · Score: 2

      WTF = the Chinese plan 200 years ahead where the USA thinks only to the next "November"

      So you think the Chinese started their hacking plans while the US was involved in the War of 1812?

  5. Re:6 years of hacking with the same malware? by sneakyimp · · Score: 3, Funny

    I'd be willing to bet that the point of the article in the OP was so that everyone would click on the link and have new malware installed.

  6. Re:6 years of hacking with the same malware? by Kvasio · · Score: 5, Funny

    you mean: if it ain't fixed, keep using the break

  7. Yuh Huh by Greyfox · · Score: 4, Funny

    Someone's gonna wake up tomorrow with a computer monitor in their bed :-P

    --
    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  8. Malicious code on 43,000 Windows computers .. by lippydude · · Score: 2

    "The coalition, which calls itself Operation SMN, detected and cleaned up malicious code on 43,000 computers worldwide"

    What operating system did these 'computers' run on?

  9. Microsoft, payback for their past crap security by fredness · · Score: 2

    It's interesting that Microsoft is mentioned as a key contributor to this, when most likely the affected systems that are allowing hackers to slip into organizations unauthorized are likely due to the horrendously poor security of Microsoft's own operating system.

  10. Why is this not escalated? by XB-70 · · Score: 3, Insightful

    We pay a fortune in taxes for government agencies: INTERPOL, FBI, RCMP, NSA, CSIS, CIA etc. etc.

    It is disgraceful that a consortium of PRIVATE companies has to tackle this issue when there is clear violation of any number of laws at stake.

    Get to work, you government agencies, and, instead of spying on your fellow countrymen, do your job.

    --
    *** Don't be dull.***
  11. Re:6 years of hacking with the same malware? by halltk1983 · · Score: 2

    Do you keep track of every outbound connection from your computer to make sure that every request is made by authorized software? Or do you rely on a malware suite to report known threats? Most people are in the second boat, and if none of the providers find it, then malware can be resident for a really long time without being caught. Especially if you're good at avoiding honeypots.

    --
    Watch for Penguins, they eat Apples and throw rocks at Windows.