US based security firm, CrowdStrike claims that a cyber espionage group called Putter Panda based in Shanghai, China has been running a hacking campaign targeting US Defense and European satellite and aerospace industries.
CrowdStrike also claimed that the group could be 'likely' to be working on behalf of the Chinese People's Liberation Army (PLA) 3rd Department 12th Bureau Unit 61486.
Terming the group as 'a determined adversary group', the security researchers said that the group is carrying out intelligence-gathering operations targeting the Government, Defence, Research, and Technology sectors in the US, especially targeting of space, aerospace, and communications.
Active since 2007, 'Putter Panda' group mainly targeted key productivity applications including Adobe Reader and Microsoft Office to install custom malware throughout targeted email attacks.
"This particular unit is believed to hack into victim companies throughout the world in order to steal corporate trade secrets, primarily relating to the satellite, aerospace and communication industries," the report noted.
Hackers used a wide set of tools, including several Remote Access Tools (RAT s) that facilitate in carrying out intelligence-gathering operations.
The latest report follows three weeks after the US Department of Justice charged five Chinese military officers over alleged involvement in computer hacking, economic cyber-espionage, and stealing confidential corporate information.
In addition the report has identified an individual named Chen Ping, who said to be a member of PLA, procured the website domain names used in some of the intrusions and his emails were linked with profiles, blogs and forum postings.
CrowdStrike co-founder Dmitri Alperovitch was quoted by Reuters as saying the company had briefed the US intelligence agencies before publishing its report.
"After the Chinese response, where they basically said this is all fabricated, we said why don't we unleash something that's undeniable," Alperovitch added.