China’s hackers phishing info on India’s border dispute approach, Tibetan activists


cyber snooping 1

(, Aug24, 2015) – China has been spying on India round the clock with particular focus on information about its border dispute with that country and about Tibetan activists through cyber snooping, indicated the Internet security company FireEye Aug 21. The hacker group had been snooping on Indian government bodies and universities since 2012 for sensitive material on its rival neighbour, with particular interest in India’s border dispute with China as well as information on Tibetan activists, the AFP Aug 21 cited a FireEye spokesman as saying.

“It’s also well resourced and works around the clock. We found indicators in their malware that the group behind it may speak Chinese.”

Regarding the hackers’ approach in their snooping activity, the company has said they sent phishing emails with attachments containing a script called watermain which when opened allowed them to infect and access computers. However, this particular problem with India’s cyber security systems has since been “patched”, the company has added.

AFP said there was no immediate reaction from China but that Beijing had always denied allegations of cyber espionage.

“Collecting intelligence on India remains a key strategic goal for China-based APT (advanced persistent threat) groups,” Bryce Boland, FireEye’s chief technology officer for the Asia Pacific, was quoted as saying.

The report noted that the company had warned in Apr 2015 that a cyber espionage group called APT30 had been hacking governments and businesses in Southeast Asia and India for the last 10 years.

“Over the past four years, this threat group has [targeted] over 100 victims, approximately 70 per cent of which were in India,” the South China Morning Post (Hong Kong) Aug 21 quoted FireEye as saying in a statement.

While the origins of hacking attacks are usually almost impossible to verify, FireEye has suggested that both the targets of the attacks, including India’s diplomatic interests and Tibetan exiled groups, as well as the use of the Watermain script which “appeared to have been designed for Chinese-speaking users”, pointed the finger at China-based hackers.


Please enter your comment!
Please enter your name here