A Chinese group of hackers reportedly has been monitoring governments for over a decade, according to FireEye. The hacker APT30 team was unveiled by FireEye, a company that claims to spy on Asian and Pacific governments in 2004 in general.
FireEye reports in her report that the group APT30 is particularly interested in political developments in Southeast Asia and India, and is particularly active at the time of Southeast Asian summits. 
It also focuses on regional issues and territorial differences between China, India and Southeast Asian countries.
The FireEye report, APT30 and the Mechanics of a Long-Running Cyber Espionage Operation (PDF), reports that the group has been steadily focusing on Southeast Asia and India in the last 10 years.
In addition to Asian governments, APT30 also targets media companies and journalists who report issues related to region.
"We have analyzed over 200 samples malware as well as the remote controller software that uses a GUI, and we are able to estimate that it was developed by the APT 30 team,” FireEye reports.
"All of their hacks are focused on acquiring sensitive data from several targets, who may be using government networks and other networks that are inaccessible by a formal internet connection."
"Most of APT30's efforts use social engineering and show that they are particularly interested in regional policy, military and economic issues, disputed territories, media companies and journalists reporting on China and government legitimacy." reports the FireEye report, showing China behind the team.
The security company's white paper also states that, while assigning responsibilities is always a difficult task, the data indicate that the APT30 group may be funded by the Chinese authorities.
"Such prolonged, planned efforts to develop new tools, combined with the regional goals and missions of the team, lead us to believe that their activities are funded by some state, and probably by the Chinese government," the report states. .
Η ομάδα φέρεται να μολύνει τα θύματά της με μηνύματα phishing, και χρησιμοποιεί εξελιγμένα εργαλεία attacks that have been developed in the last 10 years.
FireEye stated that some malicious preletterthose used by APT 30, notably Backspace and Flashflood – are used to infect systems and steal data over the air. What is striking is that these malicious tools appear to have been designed when they began their efforts in 2005.
