The Chinese have been busted by a Boston-based security firm, Cybereason, who have released a report about a “massive Chinese intellectual property theft operation” dubbed “Operation CuckooBees.”
According to the report, the operation involved Chinese hackers, who stole hundreds of gigabytes of high-tech intellectual property from at least 30 multinational corporations, including military technology and pharmaceutical data.
Cybereason said it was its Nocturnus Incident Response Team who discovered the hacker campaign, after Cybereason hired them to “investigate multiple intrusions targeting technology and manufacturing companies in North America, Europe and Asia” in 2021.
Nocturnus uncovered an “elusive and sophisticated cyber espionage campaign operating undetected since at least 2019,” likely perpetrated by an Advanced Persistent Threat (APT) group called Winnti.
Breitbart News reported:
“Winnti, also known as APT 41, BARIUM, and Blackfly, is a Chinese state-sponsored APT group known for its stealth, sophistication, and focus on stealing technology secrets,” the report explained.
Winnti has been active since at least 2010. Cybereason’s investigators said the group employed new strains of malware for the Operation CuckooBees caper, but also used some of its tried-and-true viruses to open backdoors into targeted computer systems and slowly, quietly extract huge amounts of data.
“Over the years, there have been multiple reports and US Department of Justice (DOJ) indictments tying Winnti to large-scale IP theft operations. Cybereason researchers believe that dozens of other companies were potentially affected by this, or similar campaigns carried out by Winnti,” Cybereason said.
Winnti is noted for conducting extensive reconnaissance of targeted systems before its malware is activated and data extraction begins. Cybereason said some of the data pilfered by Operation CuckoBees could be useful for facilitating future attacks.
Cybereason noted in a detailed analysis of the malware used in the attack:
Perhaps one of the most interesting and striking aspects of this report is the level of sophistication introduced by the malware authors. The infection and deployment chain is long, complicated and interdependent — should one step go wrong, the entire chain collapses — making it somewhat vulnerable, yet at the same time provides an extra level of security and stealth for the operation.
According to the report, it was “hard to estimate the exact number of companies affected by Operation CuckooBees” due to the “complexity, stealth, and sophistication of the attacks.”
Cybereason CEO Lior Div told CBS News during an interview: “We’re talking about Blueprint diagrams of fighter jets, helicopters, and missiles,”adding, “We saw them stealing IP of drugs around diabetes, obesity, depression.”
According to Div, the value of the stolen data could reach far into the trillions of dollars.
“The real impact is something we’re going to see in five years from now, ten years for now, when we think that we have the upper hand on pharmaceutical, energy, and defense technologies. And we’re going to look at China and say, how did they bridge the gap so quickly without the engineers and resources?” he warned.
AMERICAN PEOPLE AND CONGRESS BETTER GET OFF THEIR BUTTS AND QUIT DEALING WITH THE CHINESE GOVERNMENT AND BOYCOTT AND OUR AGENCIES NEED TO NATIONALIZE ALL CHINESE INTERESTS IN AMERICA. STOP THEM FROM GROWING MARIJUANA IN OKLAHOMA, QUIT SENDING FENTANYL AND ISO DRUGS TO MEXICO TO BE HAULED ACROSS OUR BORDERS TO KILL THE IGNORANT DRUGGES. AMERICA SHOULD HAVE AN INSTANT DEATH PENALTY FOR DRUG TRAFFICKING!!
During Trump’s presidency, he fired and deported 50 professors and Chinese students, who were at a University, science professors, and students who were being paid by the school and the Chinese Federation of Communism.