Computer hackers in China successfully infiltrated the computers of five European ministries before September's G20 Summit in St. Petersburg, Russia, reports say.
California-based security firm FireEye Inc. conducted research into the security breach, which the company says was named "moviestar" by the hackers. The security firm found the hackers sent emails to staff members with files attached, Reuters reported. The files had names like US_military_options_in_Syria." Once opened, the files released malicious code onto the computers, Reuters reported.
"The theme of the attacks was U.S. military intervention in Syria," Nart Villeneuve, a FireEye researcher involved in the report, told Reuters. "That seems to indicate something more than intellectual property theft...The intent was to target those involved in the G20."
For close to a week, FireEye was able to keep track of the hackers as they moved between the infected computer servers, Reuters reported. But the company eventually could no longer keep track of their actions.
FireEye suspects the hackers were about to steal data from the Summit, Reuters reported. FireEye, which sells virus protection, did not release the names of the five countries the hackers spied on. The company alerted the FBI about their findings.
FireEye has kept track of the same hackers, which they call "Ke3chang," for years. This is the first time they've released their findings to the public, Reuters reported. China has often faced accusations of spying, which the government denies. Those accusations were made fallible when whistle blower Edward Snowden revealed the NSA monitored the Chinese government.
FireEye is sure the hackers are from China due to the language and type of machines the hackers used, Reuters reported. But they have no definitive proof tying the hackers to the Chinese government.
"All we have is technical data." Villeneuve told Reuters. "There is no way to determine that from technical data."
