BANGKOK — Chinese hackers, likely state-sponsored, have been broadly targeting government and private-sector organizations across Southeast Asia, including those closely involved with Beijing on infrastructure development projects, according to a report released Wednesday by a U.S.-based private cybersecurity company.
Specific targets included the Thai prime minister’s office and the Thai army, the Indonesian and Philippine navies, Vietnam’s national assembly and the central office of its Communist Party, and Malaysia’s Ministry of Defense, according to the Insikt Group, the threat research division of Massachusetts-based Recorded Future.
Insikt said it determined that the high-profile military and government organizations in Southeast Asia had been compromised over the last nine months by hackers using custom malware families such as FunnyDream and Chinoxy. Those custom tools are not publicly available and are used by multiple groups believed to be Chinese state-sponsored, the group said.
The targeting also aligns with the political and economic goals of the Chinese government, bolstering the suspicion it is state-sponsored, Insikt said.
“We believe this activity is highly likely to be a state actor as the observed long term targeted intrusions into high value government and political targets is consistent with cyberespionage activity, coupled with identified technical links to known Chinese state-sponsored activity,” the company told The Associated Press.