{"id":54708,"date":"2023-11-28T14:09:46","date_gmt":"2023-11-28T14:09:46","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/35235\/Hackers-Spent-2-Years-Looting-Secrets-Of-Chipmaker-NXP-Before-Being-Detected.html"},"modified":"2023-11-28T14:09:46","modified_gmt":"2023-11-28T14:09:46","slug":"hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/","title":{"rendered":"Hackers Spent 2+ Years Looting Secrets Of Chipmaker NXP Before Being Detected"},"content":{"rendered":"<figure class=\"intro-image intro-left\"> <img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/07\/data-breach-800x435.jpeg\" alt=\"A cartoon man runs across a white field of ones and zeroes.\"><figcaption class=\"caption\"><\/figcaption><\/figure>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\"> <a class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/security\/2023\/11\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/?comments=1\"> <\/p>\n<h4 class=\"comment-count-before\">reader comments<\/h4>\n<p> <span class=\"comment-count-number\">39<\/span> <span class=\"visually-hidden\"> with <\/span> <\/a> <\/aside>\n<p> <!-- cache hit 119:single\/related:d0b793f982b0bc3e7713c01610f432d3 --><!-- empty --><\/p>\n<p>A prolific espionage hacking group with ties to China spent over two years looting the corporate network of NXP, the Netherlands-based chipmaker whose silicon powers security-sensitive components found in smartphones, smartcards, and electric vehicles, a news outlet has reported.<\/p>\n<p>The intrusion, by a group tracked under names including &#8220;Chimera&#8221; and &#8220;G0114,&#8221; lasted from late 2017 to the beginning of 2020, <a href=\"https:\/\/www-nrc-nl.translate.goog\/nieuws\/2023\/11\/24\/spionage-chinese-hackersgroep-zat-jarenlang-in-het-netwerk-van-de-nederlandse-chipfabrikant-nxp-a4182149?_x_tr_sl=auto&amp;_x_tr_tl=en&amp;_x_tr_hl=en-US\">according to<\/a> Netherlands national news outlet NRC Handelsblad, which cited \u201cseveral sources\u201d familiar with the incident. During that time, the threat actors periodically accessed employee mailboxes and network drives in search of chip designs and other NXP intellectual property. The breach wasn\u2019t uncovered until Chimera intruders were detected in a separate company network that connected to compromised NXP systems on several occasions. Details of the breach remained a closely guarded secret until now.<\/p>\n<h2>No material damage<\/h2>\n<p>NRC cited a report published (and later deleted) by security firm Fox-IT, titled <a href=\"https:\/\/web-archive-org.translate.goog\/web\/20210620162513\/https:\/\/blog.fox-it.com\/2021\/01\/12\/abusing-cloud-services-to-fly-under-the-radar\/?_x_tr_sl=auto&amp;_x_tr_tl=en&amp;_x_tr_hl=en-US\"><em>Abusing Cloud Services to Fly Under the Radar<\/em><\/a>. It documented Chimera using cloud services from companies including Microsoft and Dropbox to receive data stolen from the networks of semiconductor makers, including one in Europe that was hit in \u201cearly Q4 2017.\u201d Some of the intrusions lasted as long as three years before coming to light. NRC said the unidentified victim was NXP.<\/p>\n<p>\u201cOnce nested on a first computer\u2014patient zero\u2014the spies gradually expand their access rights, erase their tracks in between and secretly sneak to the protected parts of the network,\u201d NRC reporters wrote in an English translation. \u201cThey try to secrete the sensitive data they find there in encrypted archive files via cloud storage services such as Microsoft OneDrive. According to the log files that Fox-IT finds, the hackers come every few weeks to see whether interesting new data can be found at NXP&nbsp;and whether more user accounts and parts of the network can be hacked.\u201d<\/p>\n<aside class=\"ad_wrapper\" aria-label=\"In Content advertisement\"> <span class=\"ad_notice\">Advertisement <\/span> <\/aside>\n<p>NXP did not alert customers or shareholders to the intrusion, other than a brief reference in a 2019 annual report. It read:<\/p>\n<blockquote>\n<p>We have, from time to time, experienced cyber-attacks attempting to obtain access to our computer systems and networks. Such incidents, whether or not successful, could result in the misappropriation of our proprietary information and technology, the compromise of personal and confidential information of our employees, customers, or suppliers, or interrupt our business. For instance, in January 2020, we became aware of a compromise of certain of our systems. We are taking steps to identify the malicious activity and are implementing remedial measures to increase the security of our systems and networks to respond to evolving threats and new information. As of the date of this filing, we do not believe that this IT system compromise has resulted in a material adverse effect on our business or any material damage to us. However, the investigation is ongoing, and we are continuing to evaluate the amount and type of data compromised. There can be no assurance that this or any other breach or incident will not have a material impact on our operations and financial results in the future.<\/p>\n<\/blockquote>\n<h2>\u201cA big deal\u201d<\/h2>\n<p>NXP is Europe\u2019s second-biggest semiconductor company behind ASML and the world\u2019s 18th biggest chipmaker by market capitalization. Its chips are used in iPhones and Apple watches to support advanced near-field communications security mechanisms such as tag originality, tamper detection, and authentication for Apple Pay. NXP also provides chips for the MIFARE card used by transit companies, FIDO-compliant security keys, and tools for relaying data inside the networks of electric vehicles.<\/p>\n<p>Some security researchers said it was surprising that NXP officials didn\u2019t inform customers of the two-year intrusion by threat actors, often abbreviated as TAs.<\/p>\n<p>\u201cNXP chips are in a lot of products,\u201d Jake Williams, a former hacker for the National Security Agency, <a href=\"https:\/\/infosec.exchange\/@malwarejake\/111477602993876340\">wrote<\/a> on Mastodon. \u201cIt&#8217;s likely the TA knows of specific flaws reported to NXP that can be leveraged to exploit devices the chips are embedded in, and that&#8217;s assuming they didn&#8217;t implement backdoors themselves. Over 2.5 years (at least), that&#8217;s not unrealistic.\u201d<\/p>\n<aside class=\"ad_wrapper\" aria-label=\"In Content advertisement\"> <span class=\"ad_notice\">Advertisement <\/span> <\/aside>\n<p>A separate researcher who has published research in the past documenting a successful hack on a widely used product containing NXP chips voiced similar surprise.<\/p>\n<p>\u201cIf a Chinese threat actor group gets source code or hardware designs of a chip manufacturer, these kinds of groups can use the source code even if the source code isn\u2019t very well commented and documented,\u201d the researcher, who asked not to be identified, said in an interview. \u201cFor me, [the intrusion] is a big deal. I was surprised NXP didn\u2019t communicate with its customers.\u201d<\/p>\n<p>In an email, an NXP representative said the NRC report \u201cis very dated as it was addressed back in 2019. As stated in our 2019 Annual Report, we became aware of a compromise of certain IT systems, and after a thorough investigation we determined that this incident did not result in a material adverse effect on our business. At NXP, we take the security of data very seriously. We learned from this experience and prioritize continually strengthening our IT systems to protect against ever-evolving cybersecurity threats.\u201d<\/p>\n<p>Chimera has extensive experience stealing data from a wide range of companies. The threat actor uses a variety of means to compromise its victims. In the campaign that hit NXP, hackers often leveraged account information revealed in previous data breaches of sites such as LinkedIn or Facebook. The data allowed Chimera to guess the passwords that employees used to access VPN accounts. Team members were able to bypass multi-factor authentication by changing telephone numbers associated with the accounts.<\/p>\n<p>Security firm Cycraft <a href=\"https:\/\/cycraft.com\/download\/CyCraft-Whitepaper-Chimera_V4.1.pdf\">documented <\/a> one two-year hacking spree that targeted semiconductor makers with operations in Taiwan, where NXP happens to have research and development facilities. An attack on one of the unnamed victims compromised 10 endpoints and another compromised 24 endpoints.<\/p>\n<p>\u201cThe main objective of these attacks appeared to be stealing intelligence, specifically documents about IC chips, software development kits (SDKs), IC designs, source code, etc.,\u201d Cycraft researchers wrote. \u201cIf such documents are successfully stolen, the impact can be devastating.\u201d<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/35235\/Hackers-Spent-2-Years-Looting-Secrets-Of-Chipmaker-NXP-Before-Being-Detected.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":54709,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[10785],"class_list":["post-54708","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackerdata-lossbackdoor"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Hackers Spent 2+ Years Looting Secrets Of Chipmaker NXP Before Being Detected 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hackers Spent 2+ Years Looting Secrets Of Chipmaker NXP Before Being Detected 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-11-28T14:09:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/07\/data-breach-800x435.jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Hackers Spent 2+ Years Looting Secrets Of Chipmaker NXP Before Being Detected\",\"datePublished\":\"2023-11-28T14:09:46+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\\\/\"},\"wordCount\":1018,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected.jpg\",\"keywords\":[\"headline,hacker,data loss,backdoor\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\\\/\",\"name\":\"Hackers Spent 2+ Years Looting Secrets Of Chipmaker NXP Before Being Detected 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected.jpg\",\"datePublished\":\"2023-11-28T14:09:46+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected.jpg\",\"width\":800,\"height\":435},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,data loss,backdoor\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerdata-lossbackdoor\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Hackers Spent 2+ Years Looting Secrets Of Chipmaker NXP Before Being Detected\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hackers Spent 2+ Years Looting Secrets Of Chipmaker NXP Before Being Detected 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/","og_locale":"en_US","og_type":"article","og_title":"Hackers Spent 2+ Years Looting Secrets Of Chipmaker NXP Before Being Detected 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-11-28T14:09:46+00:00","og_image":[{"url":"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2021\/07\/data-breach-800x435.jpeg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Hackers Spent 2+ Years Looting Secrets Of Chipmaker NXP Before Being Detected","datePublished":"2023-11-28T14:09:46+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/"},"wordCount":1018,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/11\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected.jpg","keywords":["headline,hacker,data loss,backdoor"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/","url":"https:\/\/www.threatshub.org\/blog\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/","name":"Hackers Spent 2+ Years Looting Secrets Of Chipmaker NXP Before Being Detected 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/11\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected.jpg","datePublished":"2023-11-28T14:09:46+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/11\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/11\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected.jpg","width":800,"height":435},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/hackers-spent-2-years-looting-secrets-of-chipmaker-nxp-before-being-detected\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,data loss,backdoor","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerdata-lossbackdoor\/"},{"@type":"ListItem","position":3,"name":"Hackers Spent 2+ Years Looting Secrets Of Chipmaker NXP Before Being Detected"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/54708","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=54708"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/54708\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/54709"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=54708"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=54708"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=54708"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}