Jul 11, 2018

Evidence surfaces of China spying on Cambodian elections

Supporters of GDP seen on a vehicle. Photo: Enric Catala Contreras/SOPA Images/LightRocket via Getty Images

Researchers at FireEye found evidence that a Chinese hacker group known as TEMP.Periscope spied on both sides of the Cambodian election, according to a new report.

What they're saying: Benjamin Read, FireEye senior manager for cyber espionage analysis said in a statement: "China is heavily surveilling all parts of the upcoming Cambodian elections. We have not seen any evidence of activity beyond intelligence collection, but Cambodia is a key ally, so any change in ruling party would be of interest to China."

The details: TEMP.Periscope was previously only known for espionage on maritime targets. The election targets show a new interest in geopolitics.

  • The attack leveraged Airbreak, Homefry, Murkytop, HTran, and Scanbox malware already attributed to the group, as well as two new families of malware: a backdoor FireEye dubbed Eviltech and a credential harvesting program it dubbed Dadbod.
  • Airbreak malware, which is used to install other malware programs, was affixed to lure documents related to Cambodian politics.

Targets of the attack include:

    • The National Election Commission, Ministry of the Interior, Ministry of Foreign Affairs and International Cooperation, Cambodian Senate, Ministry of Economics and Finance.
    • A Member of Parliament representing the ruling Cambodia National Rescue Party.
    • Multiple human rights advocates in opposition to the ruling party.
    • Two Cambodian diplomats serving overseas.
    • Multiple Cambodian media outlets.
    • Monovithya Kem, deputy director-general of public affairs of the Cambodia National Rescue Party.
    • The daughter of imprisoned Cambodian opposition party leader Kem Sokha.

The attack provided new evidence that TEMP.Periscope is a Chinese group from FireEye, which monitored a control server from the attack.

  • While the attackers usually used location-hiding anonymity measures, the one connection that didn't was located in Hainan, China.
  • Computers that connected to the server had Chinese language settings.

Go deeper

World coronavirus updates

Data: The Center for Systems Science and Engineering at Johns Hopkins; Map: Axios Visuals

Countries where novel coronavirus cases are falling may be hit with a "second peak" if they relax restrictions too soon, World Health Organization emergencies chief Mike Ryan warned during a briefing Monday. "We're still very much in a phase where the disease is actually on the way up," he added.

By the numbers: Almost 5.5 million people have tested positive for the virus as of Monday, and more than 2.2 million have recovered. The U.S. has reported the most cases in the world (over 1.6 million from 14.6 million tests). The U.K. is reporting over 36,900 deaths from the coronavirus — the most fatalities outside the U.S.

Go deeper (2 min. read)ArrowUpdated 56 mins ago - Health

Coronavirus dashboard

Illustration: Aïda Amer/Axios

  1. Global: Total confirmed cases as of 3 a.m. ET: 5,498,849 — Total deaths: 346,306 — Total recoveries — 2,233,180Map.
  2. U.S.: Total confirmed cases as of 3 a.m. ET: 1,662,768 — Total deaths: 98,223 — Total recoveries: 379,157 — Total tested: 14,604,942Map.
  3. World: Italy reports lowest number of new cases since February — Ireland reports no new coronavirus deaths on Monday for the first time since March 21 — WHO suspends trial of hydroxychloroquine over safety concerns.
  4. 2020: Trump threatens to move Republican convention from North Carolina — Joe Biden makes first public appearance in two months.
  5. Public health: Officials are urging Americans to wear masks over Memorial Day.
  6. Economy: New York stock exchange to reopen its floor on Tuesday — White House economic adviser Kevin Hassett says it's possible the unemployment rate could still be in double digits by November's election — Charities refocus their efforts to fill gaps left by government.
  7. What should I do? Hydroxychloroquine questions answeredTraveling, asthma, dishes, disinfectants and being contagiousMasks, lending books and self-isolatingExercise, laundry, what counts as soap — Pets, moving and personal healthAnswers about the virus from Axios expertsWhat to know about social distancingHow to minimize your risk.
  8. Other resources: CDC on how to avoid the virus, what to do if you get it, the right mask to wear.

Subscribe to Mike Allen's Axios AM to follow our coronavirus coverage each morning from your inbox.

Updated 59 mins ago - Politics & Policy

LATAM Airlines files for U.S. chapter 11 bankruptcy

A LATAM air attendant aboard one of the company's planes in March. Photo: Kike Calvo/Universal Images Group via Getty Images

LATAM Airlines Group SA said in a statement early Tuesday the firm and its affiliates in in the United States, Chile, Peru, Colombia and Ecuador have filed for Chapter 11 bankruptcy protection in the U.S.

Why it matters: Latam is Latin America's largest airline and its shareholders include Delta Air Lines. CEO Roberto Alvo noted in the statement the coronavirus pandemic has had a huge impact on the airline industry.

Go deeper (<1 min. read)ArrowUpdated 2 hours ago - Economy & Business