Chinese Hackers Steal Chip Designs from Dutch Semiconductor Company NXP
Chinese hackers have successfully stolen chip designs from the large Dutch semiconductor company NXP, remaining undetected for more than two years. This alarming news was reported by NRC.
The cyber attack took place between the end of 2017 and the beginning of 2020, with the Chimera hacker group, believed to be associated with China, breaching the NXP network. Throughout the approximately two and a half years, they covertly operated within the company’s network, stealing valuable intellectual property, including chip designs. However, the exact extent of the damage has not yet been disclosed.
The breach was reportedly discovered accidentally. In September 2019, a similar cyber attack targeted Transavia, the Dutch airline and subsidiary of KLM. This incident led investigators to uncover a connection between the Transavia hack and the NXP network breach, ultimately identifying the involvement of the Chimera hacker group. The hackers’ use of ChimeRAR, their signature hacking tool, provided further evidence.
The hackers employed a variety of methods to gain unauthorized access, such as using account data leaked in previous breaches of platforms like LinkedIn and Facebook. They also employed more aggressive password attack techniques and successfully bypassed two-factor authentication by altering phone numbers. The stolen data was packed into encrypted files and uploaded to cloud storage services, including those of Microsoft, Dropbox, and Google Drive.
NXP, known as Europe’s largest chip manufacturer, is renowned for its development of secure Mifare chips used in public transport in the Netherlands, as well as secure elements for products like Apple’s iPhone, specifically for Apple Pay.
Despite confirming the theft of intellectual property, NXP claims that the breach did not result in significant damage. The company asserts that the stolen data is highly complex and not easily utilized for reproducing the designs. Therefore, NXP did not find it necessary to make the breach public.
Following the cyber attack, NXP has