Google’s security experts have announced that they have dismantled a massive Chinese-linked hacking network that spent years spying on governments and phone companies across 42 different countries, as per a report by news agency Reuters. The company said that the hacking group is known as “Gallium” or UNC2814, and it has been operating for nearly a decade.
Citing findings that were shared with Reuters, the report says that the group successfully broke into at least 53 organisations and was preparing to strike 22 more countries before Google stepped in.
“This was a vast surveillance apparatus used to spy on people and organisations throughout the world,” said John Hultquist, chief analyst with Google Threat Intelligence Group, said.
Google says hackers hid in plain sight
Hackers usually hide behind sophisticated software but this group, Google says, made a clever move to avoid getting caught. The hackers didn’t use obvious software, and instead, they used Google Sheets to manage their stolen data. The company explains that by using tools like Sheets, the hackers’ activities looked like normal office traffic, allowing them to stay hidden inside a victim’s network for long periods.
To stop the hackers, Google and its partners not only shut down the group’s Google Cloud projects b ut also disabled the internet infrastructure they used to communicate and even banned the accounts they used to run their spying operations.
What data did hackers steal
The company revealed that the hackers focused heavily on telecommunications companies and government agencies but it did not release the names of the individual victims. Google said that it found a “backdoor” program (which they named GRIDTIDE) installed on a system that held sensitive personal data, including full names and phone numbers, dates and places of birth, voter IDs and National ID numbers.
According to security experts, this type of data is usually stolen so that a foreign government can track specific people, monitor SMS messages, and even listen into phone calls using the tools that phone companies normally reserve for law enforcement.
