Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

FBI Says a Mysterious Hacking Group Has Had Access to US Govt Files for Years
Motherboard ^ | 04/04/2016 | Lorenzo Franceschi-Bicchierai

Posted on 04/12/2016 2:26:50 PM PDT by unixfox

The feds warned that “a group of malicious cyber actors,” whom security experts believe to be the government-sponsored hacking group known as APT6, “have compromised and stolen sensitive information from various government and commercial networks” since at least 2011, according to an FBI alert obtained by Motherboard.

The alert, which is also available online, shows that foreign government hackers are still successfully hacking and stealing data from US government’s servers, their activities going unnoticed for years. This comes months after the US government revealed that a group of hackers, widely believed to be working for the Chinese government, had for more than a year infiltrated the computer systems of the Office of Personnel Management, or OPM. In the process, they stole highly sensitive data about several millions of government workers and even spies.

In the alert, the FBI lists a long series of websites used as command and control servers to launch phishing attacks “in furtherance of computer network exploitation (CNE) activities [read: hacking] in the United States and abroad since at least 2011.”

Domains controlled by the hackers were “suspended” as of late December 2015, according to the alert, but it’s unclear if the hackers have been pushed out or they are still inside the hacked networks.

“Anybody who’s been in that network all this long, they could be anywhere and everywhere.”

“Looks like they were in for years before they were caught, god knows where they are,” Michael Adams, an information security expert who served more than two decades in the US Special Operations Command, and who has reviewed the alert, told Motherboard. “Anybody who’s been in that network all this long, they could be anywhere and everywhere.”

For Adams, this alert shows that the US government still is not in control of what’s going on inside its most sensitive networks. This alert, he said, is an admission of that.

“It’s just flabbergasting,” he told me. “How many times can this keep happening before we finally realize we’re screwed?”

The FBI wouldn’t comment on the alert, only saying that it was just another example of a routine notice to private partners, “provided in order to help systems administrators guard against the actions of persistent cyber criminals.”

This group of “persistent cyber criminals” is especially persistent. The group is none other than the “APT6” hacking group, according to sources within the antivirus and threat intelligence industry. There isn’t much public literature about the group, other than a couple of old reports, but APT6, which stand for Advanced Persistent Threat 6, is a codename given to a group believed to be working for the Chinese government.

“This is one of the earlier APTs, they definitely go back further than 2011 [...] more like 2008.”

“This is one of the earlier APTs, they definitely go back further than 2011 or whatever—more like 2008 I believe,” Kurt Baumgartner, a researcher at the Russian security firm Kaspersky Lab, told me. (Baumgartner declined to say whether the group was Chinese or not, but said its targets align with the interest of a state-sponsored attacker.)

Kyrk Storer, a spokesperson with FireEye, confirmed that the domains listed in the alert “were associated with APT6 and one of their malware backdoors,” and that the hackers “targeted the US and UK defense industrial base.”

APT6 is ”likely a nation-state sponsored group based in China,” according to FireEye, which ”has been dormant for the past several years.”

Another researcher at a different security company, who spoke on condition of anonymity because he wasn’t authorized to speak publicly about the hacker’s activities, said this was the “current campaign of an older group,” and said there “likely” was an FBI investigation ongoing. (Several other security companies declined to comment for this story.)

At this point, it’s unclear whether the FBI’s investigation will lead to any concrete result. But two years after the US government charged five Chinese military members for hacking US companies, it’s clear hackers haven’t given up attacking US targets. --


TOPICS: Canada; Crime/Corruption; Government; Russia; US: Arkansas; US: Nevada; US: New York; US: South Carolina; US: Texas; War on Terror
KEYWORDS: 2008; 2011; 201512; 2016election; apartment6; apt6; arkansas; benghazi; blackberry; canada; clintoncash; clintonfoundation; cyberwar; cyberwarfare; domains; election2016; fbi; hacking; hillary; hillaryclinton; hitlery; humaabedin; iran; kurtbaumgartner; libya; newyork; opm; pages; peterschweizer; russia; southcarolina; treygowdy; trollfarm; uranium; waronterror; wipewater
Navigation: use the links below to view more comments.
first 1-2021-4041-50 next last
Not surprising.
1 posted on 04/12/2016 2:26:50 PM PDT by unixfox
[ Post Reply | Private Reply | View Replies]

To: unixfox

They are called the Clintons.


2 posted on 04/12/2016 2:27:51 PM PDT by proust (Texans for Trump!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: unixfox

I'm shocked.

3 posted on 04/12/2016 2:29:34 PM PDT by Red Badger (The Left doesn't like him and the Right doesn't like him, so he must be the right guy for the job...)
[ Post Reply | Private Reply | To 1 | View Replies]

To: unixfox
Did they hack, or were they allowed in? Knowing this administration, they were probably given explicit directions on how to access all of these files. And still, crickets from the GOPe.
4 posted on 04/12/2016 2:31:16 PM PDT by Major Matt Mason (Those that can, do, those that can't, work in the Beltway.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Badger

What in hell happened to our FBI ?......


5 posted on 04/12/2016 2:31:47 PM PDT by stephenjohnbanker (My Batting Average( 1,000) since Nov 2014 (GOPe is that easy to read))
[ Post Reply | Private Reply | To 3 | View Replies]

To: stephenjohnbanker
What in hell happened to our FBI ?......

Too busy working on the faux investigation of Hillary.

6 posted on 04/12/2016 2:32:47 PM PDT by unixfox (Abolish Slavery, Repeal the 16th Amendment)
[ Post Reply | Private Reply | To 5 | View Replies]

To: unixfox

Was it NCIS:LA the other night where they had to go into the datacenter to access an air-gapped server, then sent the agents data from that server via email?


7 posted on 04/12/2016 2:32:57 PM PDT by Darth Reardon (Would I lie to you?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: AdmSmith; AnonymousConservative; Berosus; Bockscar; cardinal4; ColdOne; Convert from ECUSA; ...
Image and video hosting by TinyPic

"It's Called The Democratic Party.
Duh!
Death to America!"


8 posted on 04/12/2016 2:33:57 PM PDT by SunkenCiv (Here's to the day the forensics people scrape what's left of Putin off the ceiling of his limo.)
[ Post Reply | Private Reply | View Replies]

To: unixfox

Exactly....


9 posted on 04/12/2016 2:34:50 PM PDT by stephenjohnbanker (My Batting Average( 1,000) since Nov 2014 (GOPe is that easy to read))
[ Post Reply | Private Reply | To 6 | View Replies]

To: unixfox
With no computer traffic or talk, launch agents, to quietly and mysteriously, suddenly appear, to ERASE with All - Due - Prejudice, these Hackers, where - ever they are.
10 posted on 04/12/2016 2:36:35 PM PDT by SandRat (Duty - Honor - Country! What else needs said?)
[ Post Reply | Private Reply | To 1 | View Replies]

To: unixfox

11 posted on 04/12/2016 2:40:32 PM PDT by Paine in the Neck (Socialism consumes EVERYTHING)
[ Post Reply | Private Reply | To 1 | View Replies]

To: unixfox
“since at least 2011.”

It has to be obvious to everyone by now that the Obama administration and the Democrats are in on this. There is high level treason going on in our government and no one has the courage to stop it.

We need an outsider to come in and clean out the traitors, liars and thieves.

12 posted on 04/12/2016 2:43:52 PM PDT by detective
[ Post Reply | Private Reply | To 1 | View Replies]

To: unixfox

“APT6 is ”likely a nation-state sponsored group based in China.....”

How about based in the White House?? ....and sold to the highest bidder.


13 posted on 04/12/2016 2:43:57 PM PDT by elpadre (AfganistaMr Obama said the goal was to "disrupt, dismantle and defeat al-hereQaeda" and its allies.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: unixfox

So, maybe we can get Hillary’s redactions from them.


14 posted on 04/12/2016 2:44:43 PM PDT by CharlesOConnell (CharlesOConnell)
[ Post Reply | Private Reply | To 1 | View Replies]

To: detective
We need an outsider to come in and clean out the traitors, liars and thieves.

That would be a few hundred Marines surrounding their offices and daring them to come out.

15 posted on 04/12/2016 2:46:59 PM PDT by unixfox (Abolish Slavery, Repeal the 16th Amendment)
[ Post Reply | Private Reply | To 12 | View Replies]

To: stephenjohnbanker

Apparently they can’t hack a cellphone or catch international hackers either.

Looks like they could come up with a counter-hacker program that seeks out and destroys their computers......................


16 posted on 04/12/2016 2:47:11 PM PDT by Red Badger (The Left doesn't like him and the Right doesn't like him, so he must be the right guy for the job...)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Red Badger

LOL!


17 posted on 04/12/2016 2:48:40 PM PDT by stephenjohnbanker (My Batting Average( 1,000) since Nov 2014 (GOPe is that easy to read))
[ Post Reply | Private Reply | To 16 | View Replies]

To: unixfox

Can’t win just playing defense.

The members of this APT6 need to be found and eliminated just like any other spy.


18 posted on 04/12/2016 2:50:30 PM PDT by toast
[ Post Reply | Private Reply | To 1 | View Replies]

To: unixfox

Probably a dark-funded government group. /semi-sarcasm


19 posted on 04/12/2016 2:54:03 PM PDT by TigersEye (This is the age of the death of reason and rule of law. Prepare!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: toast
The members of this APT6 need to be found and eliminated just like any other spy.

I wouldn't be surprised if they actually worked for the feds. That's how inept our govt. is.

20 posted on 04/12/2016 2:54:58 PM PDT by unixfox (Abolish Slavery, Repeal the 16th Amendment)
[ Post Reply | Private Reply | To 18 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-4041-50 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson