The claim was made public on May 20 by the Guangzhou city police, who said the group used “rudimentary and crude” methods to launch widespread attacks from overseas IP addresses, including from the United States, France and Japan.
The city’s Tianhe district Public Security Bureau said the group was behind a recent incident in which a local tech company was targeted in Guangzhou, in the southern province of Guangdong. The bureau said technical analysis traced the attack to the alleged Taiwan-based group.
“The hackers deployed phishing emails, exploited public vulnerabilities, conducted brute-force password attacks and used low-grade Trojan horse programs to carry out the attacks,” the police said.
Police also said the group had ramped up its activity significantly over the past year, describing its actions as “malicious sabotage” aimed at disrupting mainland security.
They said the attackers tried to mask their origin by routing attacks through virtual private networks, foreign cloud servers and “zombie machines” to hide behind IP addresses from multiple countries.
Zhou Hongyi, founder and chief executive of cybersecurity firm 360 Security Technology, said his team traced the recent Guangzhou cyberattack to a hacker group in Taiwan by analysing malicious code uploaded to a mainland firm’s back-end system.