FireEye experts said that Chinese hackers acting on the instructions of the country's government may be involved in attacks on large companies that work with cryptocurrency. The companies in question are startups that develop computer games and applications based on the blockchain.
“It is also possible that APT41 has simply evaded scrutiny from Chinese authorities. Regardless, these operations underscore a blurred line between state power and crime that lies at the heart of threat ecosystems and is exemplified by APT41,” reads the press release.
The hackers also attacked enterprises in healthcare, tourism, telecommunications and many other industries. The targets include not only local enterprises but also organizations in the USA, Turkey, Hong Kong, the UK and elsewhere.
Experts note that the APT41 group developed a whole package of malicious software designed to penetrate various types of databases. After obtaining information about a particular enterprise, the hackers demanded a ransom in cryptocurrency. When funds were transferred as part of the investigation, the addresses that received the assets were found to be registered in China. The country's authorities have not yet commented on these assumptions.
The criminal group's tasks include not only hacking databases but also penetrating the servers of large organizations. Using malicious software, the hackers are able to track a particular company.