Military Data Theft Suspected to be Carried Out by State-Sponsored Hackers in Asia

A series of cyberattacks that are believed to be connected to an Asian government have hit seven different high-profile targets in Southeast Asia and Europe, according to the cybersecurity firm Group-IB. The affected organizations include government and military agencies.
‍
A new hacker group, dubbed Dark Pink, used phishing emails and advanced malware to compromise the defenses of military branches in the Philippines and Malaysia, as well as government organizations in Cambodia, Indonesia, and Bosnia-Herzegovina, from September to December last year. Also targeted were a non-profit, a religious organization, and a European state development agency based in Vietnam, Singapore-based Group-IB said in a report published Wednesday.
The relevant government and military agencies in those countries have not yet responded to emailed requests for comment.
‍
According to Andrey Polovinkin, a malware analyst at Group-IB, the activity of Dark Pink is significant. He says that it is clear that they attempted to steal documentation from compromised networks in order to find sensitive information. He goes on to say that, taking into account the group's modus operandi, its target list that includes mainly government and military bodies, as well as its sophisticated toolset, Dark Pink is most likely a previously undocumented nation-state espionage campaign.
‍
Group-IB has reported that a series of cyberattacks that are believed to have originated in the Asia-Pacific region were carried out with the aim of corporate espionage. This included stealing documents and recording audio from targeted devices. The hackers reportedly sent their targets emails containing a link to a website where they could download a malicious file. This file would then steal personal information from the infected devices, including passwords, browser history, and data from social apps like Viber and Telegram.
‍
Chinese researchers from the Zhejiang-based firm DAS-Security published a report on WeChat last Friday on the hackers, which it named Saaiwc Group. The report said the group had targeted a Vietnamese leadership initiative run by the US State Department, the Philippines military, and Cambodia’s ministry of economy and finance in May, October, and November respectively.
Government and military organizations are often prime targets for hackers, due to the confidential and sensitive data on their networks. Email remains one of the most common methods of breaching these organizations. According to IBM Security's threat intelligence index, Asia became the most targeted region for cyberattacks last year, receiving one in four recorded attacks.