Websites of Indian government and Tibetan activists in the country are under attack in a cyber attack campaign engineered by a Chinese hacker, working with one of the world's largest e-tailers Tencent.
The cyber criminal in question is Gu Kaiyuan, once a graduate student at a Chinese university that receives government financial support for its computer security program and currently an employee at Chinese portal Tencent. Before Kaiyuan initiated the exploits, collectively called the Luckycat campaign, he was involved in recruiting students for his school’s computer security and defense research.
The Luckycat cyber campaign, has been linked to 90 attacks in recent past against targets in India and Japan, as well as against Tibetan activists, said the report released by the Japanese network security firm. 'Luckycat' has been able to compromise about 233 computers many of which are in India. A report on the campaign from cloud security company Trend Micro shows that the Luckycat perpetrators began around June 2011.
Also, Trend Micro was able to find a set of campaign codes used to monitor compromised systems. “The campaign codes often contain dates that indicate when each malware attack was launched. This demonstrates how actively and frequently the attackers launched attacks,” the report reads. “The campaign codes also reveal the attackers’ intent, as some of these referenced the intended targets.”
The report did not directly implicate the Chinese government, but security researchers believed that the style of the attacks and the types of targets indicated state-sponsored spying.