In a new report released by CNN, U.S. officials’ accounts were among those targeted by a state-backed hacking group based in Vietnam. The hackers, known as APT32, posted malicious links to malicious websites and disguised their connections to a Vietnamese government body.
The malicious websites contained links to a tool called X-Probe, which collected information on the victims. In an attempt to gain access to the system, the hackers used a variety of techniques such as phishing campaigns, watering hole attacks, and spearphishing. By using X-Probe, the group was able to gain information including usernames, passwords, IP addresses, and personal information.
Furthermore, the group gained access to a series of US accounts that “focused on current and former” US government officials and employees. It is possible that the accounts were specifically targeted in order to compromise security systems in the US government, or to potentially gain access to political documents and conversations.
According to the report, it is unclear what the desired goal of the attack was, but reports of similar state-backed hackings confirm Vietnam’s involvement in many online security related incidents. In fact, many countries around the world have been known to use similar tactics to gain access to sensitive, personal information.
The FBI has warned that “malicious cyber actors will continue to target and exploit US government officials, employees, and personal information for their own gain” and that “these activities pose a significant threat to our national security”. It is more important than ever to be aware of the potential threats related to cyber security and to protect individuals and companies online.