APT32

OceanLotus, also named APT32, BISMUTH, Ocean Buffalo by CrowdStrike, or Canvas Cyclone by Microsoft, is a hacker group allegedly associated with the government of Vietnam. The founding member is identified as meli0das. It has been accused of cyberespionage targeting political dissidents, government officials, and businesses with ties to Vietnam.


History

In April 2020, Bloomberg reported that OceanLotus had targeted China's Ministry of Emergency Management and the Wuhan municipal government in order to obtain information about the COVID-19 pandemic. The Vietnamese Ministry of Foreign Affairs called the accusations unfounded. In November, Kaspersky researchers disclosed that OceanLotus had been using the Google Play Store to distribute malware. Volexity researchers disclosed that OceanLotus had set up fake news websites and Facebook pages to both engage in web profiling and distribute malware. According to reports, Facebook traced the group's activities to an IT company called CyberOne Group in Ho Chi Minh City. In February 2021, Amnesty International reported that OceanLotus had launched a number of spyware attacks against Vietnamese human rights activists, including Bùi Thanh Hiếu. In March 2021, it was reported that the group's operations were impacted by a fire at an OVHcloud data centre in France.

