Pirates of Chinese government agencies, diplomatic missions and the World Health Organization have been targeted as the world battles the Corona pandemic.

The attack targeted more than two hundred servers in the largest piracy campaign during the pandemic, according to a report by leading Chinese Internet provider "Qihoo 360".

The report linked the attacks to the DarkHotel Pirate Group, a group of elite hackers who have carried out Internet spying since at least 2007.

Cyber ​​security companies are trying to track many of the group's operations that are active in East Asia, with targets including government employees and businessmen in places like China, North Korea, Japan and the United States.

the first goal
The same group is suspected to be behind the recent cyberattacks against the World Health Organization, as officials and cyber security experts warn that hackers of all stripes are seeking to take advantage of international concern about the spread of the Coruna virus, according to a Reuters report.

WHO Information Security Chief Flavio Agio said the identity of the intruders was not clear, but the attempts were unsuccessful. He warned that attempts at piracy against the agency and its partners had risen in conjunction with its battle to contain the Coronavirus, which has killed tens of thousands around the world.

Alexander Orbillis, a cyber security expert and lawyer with the New York-based Blackstone Legal Group, was the first to report to Reuters about the attempted intrusion into the WHO, a specialist who monitors suspicious online activities.

Orbelis said he followed the activity on March 13, when a group of hackers he was following had activated a malicious website that emulated the WHO's internal email system, "I realized very quickly that this was a direct attack on the WHO in the midst of a pandemic."

Orbelis said he did not know who was responsible, but other sources familiar with the matter said they suspected the Dark Hotel group.

The attack, bearing the fingerprints of Dark Hotel, extended to government agencies in Beijing and Shanghai after it had previously targeted the World Health Organization (Reuters).

Spy or revenge
Both Chinese local agencies and diplomatic missions in countries - including Italy, the United Kingdom, North Korea and Thailand - have been attacked, according to the Kyuho 360 report.

China’s anti-virus software vendor’s report said the Dark Hotel’s fingerprint attack finally spread in early April to government agencies in Beijing and Shanghai, after it had previously targeted the World Health Organization and their attempt had not succeeded.

Cybersecurity firms - including Romania's Bitdefender and Moscow-based Kaspersky - have tracked several Dark Hotel operations in East Asia - the region highly affected by the Corona virus. . Specific targets included government officials and businessmen in places such as China, North Korea, Japan and the United States.

The head of global research and analysis at Kaspersky, "Costin Rayo", could not confirm that the Dark Hotel group was behind the attack on the World Health Organization, but said that the web's malicious infrastructure had also been used to target healthcare and other humanitarian organizations in recent weeks. .

"At such times, any information about treatments, tests, or vaccines related to corona viruses is invaluable and a priority for any intelligence organization in any affected country," Rayo added.

"The Chinese government is taking strict measures against any form of cyber attacks and will step up measures to protect its cyber security," said Zhao Legian, Chinese Foreign Ministry spokesman. He also called for more international cooperation to protect cybersecurity.

The attacks come at a time when many governments and companies are asking employees to work from home to prevent the spread of the Coronavirus. Beijing has asked most offices to host no more than half of the staff at one time, and has stopped schooling.

The report speculated that it might be the motivation to attack Chinese agencies to obtain information related to the epidemic, especially after the government began there to control the spread of the disease.

"But the epidemic is still continuing in many countries," he said. "Do the attacks aim to spy on Chinese medical technology and anti-virus measures during the epidemic?"

However, security experts said that with the exception of the Q-360 report, there is currently no further evidence that Dark Hotel was behind the attacks or that the motives of the intruders were linked to the epidemic.

Mark Web Johnson, co-founder, chief technology officer for network service provider Network Box, said: "We have yet to see any confirmation from an outside party ... This is the opinion of one company." However, I see no evidence to challenge its credibility. "

"This report is full of conflicting information, there is no evidence that these attacks were the work of Dark Hotel, and there is a certain bias regarding the cause of targeting, which is the Corona virus," said Brian Bartholomew, a researcher from Kaspersky who monitors the activities of Dark Hotel after the release of the Kyuho 360 report. "We do not say they are wrong, but there must be more statements to support these accusations," he added.