Google disrupts Chinese-linked hacking campaign worldwide
Google said it has disrupted a Chinese-linked hacking operation that compromised at least 53 organizations across 42 countries, calling it a large-scale global surveillance campaign.
The hacking group, tracked by Google as UNC2814, also known as Gallium, has operated for nearly a decade and has a history of targeting government bodies and telecommunications companies, News.Az reports, citing Reuters.
“This was a vast surveillance apparatus used to spy on people and organizations throughout the world,” said John Hultquist, chief analyst at Google’s Threat Intelligence Group.
RECOMMENDED STORIES
Google said it worked with unnamed partners to shut down cloud projects controlled by the hackers, disable internet infrastructure used in the attacks, and terminate accounts that accessed Google Sheets, which the group used to coordinate targeting and steal data.
The company stressed that the activity did not involve a vulnerability in Google products. Instead, the hackers used Google Sheets to blend into normal network traffic and evade detection.
Charlie Snyder, a senior manager at Google Threat Intelligence Group, said the company confirmed access to 53 entities and identified potential targeting activity in at least 22 additional countries at the time of disruption.
While Google did not name the affected organizations, Snyder said the hackers installed a backdoor known as GRIDTIDE in at least one case, granting access to sensitive personal data, including full names, phone numbers, dates and places of birth, and national identification numbers.
Google said the activity aligns with efforts to identify, monitor, and track specific individuals, noting that similar campaigns have been used to intercept call records, monitor SMS messages, and exploit lawful intercept systems at telecom providers.
A spokesperson for the Chinese Embassy said China opposes hacking and rejects accusations that use cybersecurity issues to “smear or slander” the country, calling instead for international cooperation on cyber threats.
Google said the campaign is separate from another China-linked hacking effort, known as “Salt Typhoon,” which U.S. authorities have linked to attacks on hundreds of U.S. organizations and political figures.
By Aysel Mammadzada
Similar news
