Was wondering who and why so many Universities were being spearphished over the last six months or more. Some universities were phished by plain old bad guys or even students changing grades, but some were targeted for more focused “spearphishing” by a Chinese group and now given an attribution of APT40 to denote a high certainty of correct identification. In this instance, these guys specifically were after maritime military intellectual secrets.
According to IDefense and confirmed by FireEye researchers and reported in Wall St. Journal., Chinese hackers known as Temp.Periscope, Leviathan or Mudcarp and now designated APT40 – have targeted more than two dozen universities in the U.S. and around the globe as part of an elaborate scheme to steal research about maritime technology being developed for military use, cybersecurity experts and current and former U.S. officials said.
WSJ has the story: