Chimera, a Chinese-linked hacker group, infiltrated the network of the Dutch semiconductor giant NXP and had access for over two years from late 2017 to the beginning of 2020, reports NRC. During this period, the notorious hackers reportedly stole intellectual property, including chip designs — however, the full extent of the theft is yet to be disclosed. NXP is the largest chipmaker in Europe, and the scale and extent of the reported attack is shocking.
According to the report, the breach remained undetected for roughly two and a half years while the hackers lurked in the company's network — the breach was only discovered because a similar attack occurred on the Dutch airline Transavia, a subsidiary of KLM. Hackers accessed Transavia's reservation systems in September 2019. An investigation of the Transavia hack uncovered communications with NXP IPs, which led to the discovery of the NXP hack. The attack bears all of the hallmarks of the Chimera hacking group, including the use of its ChimeRAR hacker tool.
To break into NXP, the hackers initially used credentials from previous data leaks on platforms like LinkedIn or Facebook and then used brute force attacks to guess the passwords. They also bypassed double authentication measures by altering phone numbers. The hackers were patient, only checking for new data to steal every few weeks, and then snuck the data out using encrypted files uploaded to online cloud storage services, like Microsoft's OneDrive, Dropbox, and Google Drive.
NXP is a major player in the global semiconductor market and has been particularly influential after it acquired Freescale (an American company) in 2015. NXP is known for developing secure Mifare chips for public transportation in the Netherlands, but also for secure elements for the iPhone -- Apple's Pay, in particular.
However, even though it confirmed the theft of its intellectual property, NXP says that the breach did not result in material damage — saying that the data stolen is complex enough that it can't be easily used to replicate designs. As such, the company didn't see the need to inform the general public, reports NRC.
Following the breach, NXP reportedly took measures to boost its network security. The company enhanced its monitoring systems and imposed stricter controls on data accessibility and transfer within the company. These steps aim to safeguard against similar incidents in the future to avoid breaches, safeguard the company's valuable intellectual assets, and maintain the integrity of its network.
But who knows what has been stolen already? Additionally, it is anyone's guess how many other semiconductor companies have been hacked yet haven't disclosed those breaches to the public.
Stay on the Cutting Edge
Join the experts who read Tom's Hardware for the inside track on enthusiast PC tech news — and have for over 25 years. We'll send breaking news and in-depth reviews of CPUs, GPUs, AI, maker hardware and more straight to your inbox.
Anton Shilov is a Freelance News Writer at Tom’s Hardware US. Over the past couple of decades, he has covered everything from CPUs and GPUs to supercomputers and from modern process technologies and latest fab tools to high-tech industry trends.
Thank you Mr. Shilov.Reply
No political discussions will be allowed. Please stay on topic. Thank you.Reply
Unless company or individual with expertise actually put their name on press release I am going to treat any story of “China threat” as propaganda. That Bloomberg article about China rice-grained sized chip on all Supermicro motherboard a few years ago proved some people will go to extreme length to slander ChinaReply
We're done here folks. Closing now. Thank you to those who stayed on topic.Reply