German media is reporting that hackers suspected to have ties to the Vietnamese government have breached the networks of two car manufacturers, namely BMW and Hyundai.
The attackers allegedly installed a penetration testing toolkit named Cobalt Strike on infected hosts, which they used as a backdoor into the compromised network.
BMW had supposedly allowed the hackers to persist on its network, and followed their every move, cutting off their access over the last weekend -- end of November.
BR and TS reporters claim the hackers behind the attack also breached Hyundai but did not provide any additional details about this second intrusion.
Neither BMW nor Hyundai wanted to comment on the BR article. Similar requests for comment sent by ZDNet remained unanswered.
Intrusions blamed on APT32
According to reports, the group has been active since 2014. While initial attacks had focused on hacking foreign corporations active in Vietnam and other Southeast Asian countries, since 2017, the group has incessantly targeted the automotive industry.
Many experts have speculated that the Vietnamese government has taken a page out of China's book and is using hacking groups to carry out economic espionage on foreign companies, stealing intellectual property, and then using it for its state-funded corporations.
China used this strategy to prop its airplane manufacturing sector, and now experts believe Vietnam is doing the same for its fledgling automotive startup VinFast, which started rolling out its first cars out factory lines this year.