Vietnam-Aligned Hackers Attack Foreign Firms

Cyber espionage attacks against foreign companies operating in Vietnam have been traced to a group of hackers “aligned with Vietnamese state interests,“ according to Bloomberg, citing a report from cyber-security provider FireEye.

The attacks by the group, designated by FireEye as APT32, have been conducted since at least 2014, mainly targeting companies operating in the manufacturing, consumer products and hospitality sectors, FireEye said in the report. The group has also targeted foreign governments, dissidents and journalists, it said.

“The unauthorized access could serve as a platform for law enforcement, intellectual property theft, or anti-corruption measures that could ultimately erode the competitive advantage of targeted organizations,“ the report said.

APT32 conducted the attacks by leveraging files that use social-engineering methods to entice victims, FireEye said. The file then downloads malicious payloads from remote servers, with further attacks delivered via “phishing“ emails.

The group is also targeting security, technology infrastructure and consultancy companies, FireEye said, adding that APT32 continues to threaten political activism and free speech in Southeast Asia and the public sector worldwide. “Governments, journalists, and members of the Vietnam diaspora may continue to be targeted,“ the report said.

“While actors from China, Iran, Russia, and North Korea remain the most active cyber espionage threats tracked and responded to by FireEye, APT32 reflects a growing host of new countries that have adopted this dynamic capability,“ the report said.