Chinese Cyber-Operation CuckooBees Steals Trillions in Intellectual Property

Chinese state cyber actor, APT 41, has reportedly stolen trillions of dollars worth of intellectual property from around 30 multinational companies.

A Boston-based cybersecurity firm, Cybereason called the APT 41 campaign Operation CuckooBees and said it involved the massive theft of intellectual property and sensitive data such as blueprints, diagrams, formulas, and manufacturing-related proprietary data from multiple intrusions from various companies in North America, Europe, and Asia.

APT 41 or otherwise known as Winnti reportedly used the undocumented malware strain called DEPLOYLOG and updated versions of Spyder Loader, PRIVATELOG, and WINNKIT.

Winnti also reportedly exploited the Windows CLFS mechanism and NTFS transaction manipulations, to avoid conventional detection methods.

Cybereason explained that Winnti used an Interdependent Payload Delivery system that was composed of several components.

Cybereason detected Operation CuckooBees in April of 2021, after a company reported a breach during a meeting.

There is no real estimate on how much CuckoBees stole in intellectual property but among those taken were unpatented technologies.

There is also no information on which companies were actually struck by CuckooBees.


© Fourth Estate® — All Rights Reserved.
This material may not be published, broadcast, rewritten or redistributed.