APT hacking group unmasked as Chinese military unit

ThreatConnect and Defense Group Inc. (DGI) have released an in-depth joint report that exposes the extent of China’s military cyber attacks in the South China Sea.

The report concludes that "for nearly five years, Unit 78020 has used an array of global midpoint infrastructure to proxy the command and control of customised malware variants embedded within malicious attachments or document exploits."

Unit 78020 is a unit in the Chinese People Liberation Army (PLA), and the report says that it "conducts cyber espionage again Southeast Asian military, diplomatic, and economic targets."

The researchers go as far as to to name a PLA Officer involved in the unit’s operations, Ge Xing, who has the username GreenSky27.

The revelations come as President Obama meets with his Chinese counterpart Xi Jinpng in Washington to discuss cyber security.

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing