The APT10 hacking group targets Taiwanese financial firms, according to CyCraft, a security consultancy from the island nation. The security firm said the targeted software application is used by 80 percent of Taiwan’s financial institutions.
In a report, CyCraft said that threat actors it identified as the Beijing-run APT10 crew launched attacks in November 2021. Using supply chain attacks, they targeted software used by Taiwanese financial institutions. The hacking group managed to install backdoors using QuasarRAT, a widely available remote access trojan that targets Windows.
According to CyCraft, the visible effect of the attacks was a series of unusual orders to acquire financial instruments, though the attackers also tried to steal financial information.
The motive behind the attacks is not known, though they were sophisticated: the attackers breached systems using a web service vulnerability present in security software. Later they deployed QuasarRAT and used it to download other malware payloads. The threat actors chose the Chinese cloud storage service Uncle Wen to store some of the malware, a firm that’s aimed at customers and not state-sponsored criminal masterminds.
The attackers masked the payloads to evade anti-virus software and also established remote control of target systems. CyCraft also described a few remedies that, when deployed, would alert organizations to future use of this attack by APT10 or other actors.
The APT10 hacking group has been on the radar of security firms since 2016 and is known for carrying out cyberattacks on Japanese automotive companies, British managed services providers, US-based aerospace and defense firms, and missile defense systems in South Korea.
The hacking group is known for having direct links to the Chinese Ministry of State Security, the Middle Kingdom’s signals intelligence agency.
With many nations reluctant to show support for Taiwan’s statehood so as not to contradict China’s position, the USA has pledged to assist Taiwan. It is maintaining a defensive capability and wants no change to current arrangements, which means it will oppose China attempting to reclaim Taiwan.
Taiwan, with its close ties to the USA, has evolved to become a critical source of semiconductors and related technologies. This ensures access to those technologies while making it difficult for Chinese firms to access such technology.
China, on the other hand, is making efforts to steal information from Taiwan’s tech sector by carrying out state-sponsored cyberattacks. Taiwan has responded by introducing regulations last week aimed at deterring such actions.