Home News Hackers using skeleton keys to target chip vendors for IP theft

Hackers using skeleton keys to target chip vendors for IP theft

Chip maker companies
Chip maker companies

Hacking has been prevalent in almost every industry around the world and if you think that the hacks are carried out for ransomware or damaging the system of anyone then you are wrong because hacking takes place in order to steal data as well. For example, there are loads of semiconductor companies in China with the best of them being TMSC which also supplies chips to Apple and other Android OEMs. Now, we would all know that they would have all the designs and everything related to most of the smartphones around the world and that is what these hackers want.

It is known that Taiwan’s semiconductor industry is being attacked right now and hackers want to steal Intellectual property of these companies. On the topic of hacking inside chip-making companies, Researchers have said that “If such documents are successfully stolen, the impact can be devastating,”. “The motive behind these attacks likely stems from competitors or even countries seeking to gain a competitive advantage over rivals.”

We know that chip maker are known for copying the good parts of their competitors in order to gain an advantage over the company which originally designed it. In order to do so, they either have to buy the license or hack the companies and we all know hacking is cheaper so they choose this option.

This operation is known as Operation Chimera and some know it as Skeleton as well and it involves attacks in 2018 and 2019 targeted towards chip manufacturers. It is known that a legit “penetration testing tool that threat actors are known to abuse — and a custom skeleton key derived from code ripped from both Dumpert and Mimikatz”.

Researchers add that “Many enterprises often neglect this attack vector, by default trusting VPN connections and welcoming them into their intranet; and Chimera is one of the most skilled threat actors that we have seen at abusing VPN policies,”