Mysterious Chinese Hacker Group on Supply Chain Hijacking Spree
While cyber attacks like cryptojacking and fingerprinting have become known to the masses, software supply chain attacks are also fast gaining momentum. Barium, the mysterious Chinese-speaking hacker group orchestrating such attacks, is advancing with each passing day, according to a Wired report on May 3, 2019.
Rising Supply Chain Attacks
Over the past three years, researchers have discovered supply chain attacks that succeeded in disrupting the software distribution channels of several highly reputed firms. Victims include computer maker Asus and PC cleanup tool CCleaner, and the attacks have been tied to hacking groups with different monikers like Barium, ShadowHammer, ShadowPad, and Wicked Panda.
A supply chain attack, also known as a value-chain or third-party attack, is a form of cyber attack that can wreak havoc on an organization by targeting less secure elements in its supply network.
In other words, such an attack occurs when the system of an organization is breached through a third party or outside partner that has access to the firm’s operations and data.
Reportedly, Barium’s attacks all follow a similar pattern. They try to infect the systems of a large number of victims, then go through them one by one to find potential espionage targets.
Barium exploits vulnerabilities present in essential software, such as the Chrome browser and others installed on users’ machines, creating a loophole that could be used to launch more severe attacks resulting in billions of dollars in damage to companies.
Masters of the Dirty Game
Commenting on the matter, Vitaly Kamluk, the director of the Asia research team for Kaspersky, stated that the Barium hackers are sophisticated, as they can infect trusted mechanisms.
“They’re the champions of this. With the number of companies they’ve breached, I don’t think any other groups are comparable to these guys,” he declared.
While the Barium hacker group may have orchestrated numerous attacks since Kaspersky first discovered them in 2017, observers say the attacks carried out on Asus and CCleaner by the group are some of the deadliest so far.
“If Barium had injected a ransomware worm like that through one of these attacks, it would be a far more devastating attack than the NotPetya hack,” he said.
Earlier in 2017, a group of Russian hackers hijacked updates of Ukrainian accounting software to plant a destructive worm that cost companies upwards of $10 billion.