US firm finds fresh evidence of Chinese corporate cyber-spying

11 Jun 2014

American security researchers have accused a second Chinese military unit of carrying out cyber-espionage attacks against foreign corporations.

CrowdStrike, a USsecurity firm, detailed the allegations in a lengthy report on a People's Liberation Army unit operating in Shanghai.

The report comes just weeks after the US Department of Justice accused five members of the Chinese military of hacking into American companies, as the US government escalates efforts to combat allegedly state-sponsored Chinese corporate espionage.

California-based CrowdStrike, which helps firms detect and respond to cyber threats, said it has observed a group of hackers – named 'Putter Panda'- launching attacks against defence, satellite and aerospace firms in the US, Japan and Europe.

"China's decade-long economic espionage campaign is massive and unrelenting," CrowdStrike chief executive George Kurtz said in a statement. "Through widespread espionage campaigns, Chinese threat actors are targeting companies and governments in every part of the globe."

Much of the CrowdStrike report focuses on the activities of a hacker named 'cpyy', a suspected member of a military group called Unit 61486.

CrowdStrike alleges that the PLA unit, operating since at least 2007, uses a variety of tools to break into company computers, including malware that exploits popular programs such as Adobe Reader and Microsoft Office.

The group is said to share some resources with Unit 61398, a Shanghai-based PLA hacking group that was unmasked last year by Mandiant, another US-based cyber-security firm.