1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

Chinese hackers targeting companies, says Germany

January 26, 2022

Germany's domestic intelligence service says the Chinese hacking group APT 27 has launched cyberattacks on businesses. The group has long been suspected of attacking Western government agencies.

A member of the hacking group Red Hacker Alliance who refused to give his real name, uses his computer at their office
The group has allegedly targeted embassies in the pastImage: Nicolas Asfouri/AFP/Getty Images

German intelligence on Wednesday said the hacker group APT 27 has started targeting German companies in sectors including pharmaceuticals and technology.

Officials say the acronym APT (Advanced Persistent Threat) 27 is an alias for a Chinese hacker group believed to target critical sectors and foreign embassies.

What are the claims?

Germany's domestic intelligence agency, the Federal Office for the Protection of the Constitution (BfV), said APT 27 had used a malware variant to target commercial companies.

The BfV said the attackers had been exploiting vulnerabilities in commonly used software since March 2021 as a gateway for the attacks.

Intelligence chiefs said the hackers could also be trying to infiltrate customers' and service providers' networks.

The BfV did not release information such as the specific targets of the alleged hacking.

Who are the hackers?

The cyberespionage group APT 27 has been active since at least 2010, according to the BfV.

The BfV said in its constitutional protection report from 2019, that APT 27 was the alias for a group also known as "Emissary Panda." The Chinese-based actor is said to target foreign embassies to collect information on government, defense and technology sectors.

Last year, the United States and its allies accused China of carrying out a global cyber-espionage campaign, an allegation that Beijing denies.

The Biden administration in July formally blamed China for a massive hack of Microsoft Exchange email server software. The White House said criminal hackers associated with the Chinese government had carried out ransomware attacks and other illicit activities.

Microsoft itself last year said a group operating from China reportedly tried to hack information from several US targets, including infectious-disease researchers, law firms, universities and non-governmental organizations. 

Edited by: Mark Hallam

Richard Connor Reporting on stories from around the world, with a particular focus on Europe — especially Germany.