SAN FRANCISCO — Using porn email links as a lure, Chinese hackers were able to access the foreign ministry servers of five European countries, the New York Times has reported.
The spy scheme, orchestrated by "Ke3Chang," sent emails to the dignitaries that included a link that teased nude photos of Carla Bruni-Sarkozy, the wife of former French President Nicolas Sarkozy, according to Milipitas, California computer security firm FireEye.
Among the foreign ministries hit were the Czech Republic, Portugal, Bulgaria, Latvia and Hungary.
FireEye said that Chinese hackers breaking into computer systems of governments and firms using simple, email-based attacks is commonplace.
“Unlike other groups, which tend to attack commercial targets, this campaign specifically targeted ministries of foreign affairs,” Nart Villeneuve, FireEye's lead researcher told The TImes.
In 2011, the Ke3Chang malware attacks singled out a group of 20 finance ministers during a summit meeting in Paris. Once the promised porn links were clicked, the hackers were able to access 21 targets including the five European countries.
FireEye was able to infiltrate the group’s 23 command centers housed in China, Hong Kong and the U.S., and discovered that they were searching for users with privileged access.
“Beyond the fact they are Chinese, we don’t know who the attackers are or what their motivations might be,” Villeneuve said.
But according to James A. Lewis, a former State Department official and senior fellow and director at the Center for Strategic and International Studies in Washington, the Chinese look at foreign ministries to glean trade information and to find out what foreign diplomats are saying about the Americans or Japanese.
FireEye said it has identified three different variants of malware back to Ke3Chang and that the hackers also attacked the aerospace, energy, high-tech, consulting, chemical, manufacturing and mining industries.
