Chinese Hackers Target Diplomats, Global Entities in Espionage Campaign
A Chinese-linked hacking group targeted diplomats in Southeast Asia and numerous global entities in cyber-espionage operations aimed at advancing China's strategic goals, according to a report by Google. The malware campaign, attributed to Chinese state-sponsored hacker groups, included attacks on Western governments and global organizations.

A sophisticated hacking group linked to China has reportedly targeted diplomats in Southeast Asia and various global entities, according to a report by The Epoch Times (TET), citing data from Google. Google identified the attack in March and categorized it as supporting cyber espionage activities that align with China's strategic interests, according to a threat intelligence blog post dated August 25.
The hackers employed tactics such as captive portal hijacking, distributing malware under the guise of legitimate software updates to infiltrate systems, according to the TET report. Google confirmed that it notified affected Gmail and Workspace users but did not reveal the full scope of the victims. The campaign was tied to the hacker group UNC6384, which is connected to another Chinese cyberespionage group, TEMP.Hex, also known as Mustang Panda.
UNC6384 and TEMP.Hex are known for their focus on government sectors, especially in Southeast Asia, aligning with China's objectives, the company noted. U.S. investigators recognize Mustang Panda as a state-sponsored group responsible for worldwide computer infiltrations, the TET report added. Notably, in January, the Justice Department removed malware, a PlugX variant, from over 4,200 U.S. computers, highlighting claims of Chinese regime backing for the cyber activities.
Ongoing FBI investigations disclosed Mustang Panda's targeting of Western governments and nonprofits in the U.S. and elsewhere, as court records indicate. High-profile targets identified include European shipping firms and Chinese dissident organizations globally, alongside governments across the Indo-Pacific, TET stated.
The revelations occur amid intensifying scrutiny over Chinese Communist Party-backed cyber espionage operations. In July, Microsoft identified two Chinese state-sponsored hacking groups exploiting vulnerabilities in SharePoint software for intellectual property theft and espionage worldwide, according to TET.
Senior cyber fellow Jeff Hoffmann emphasized that these cyber espionage campaigns underscore China's active efforts to explore vulnerabilities and assert its presence, according to the TET report. (ANI)
(With inputs from agencies.)