Google’s Threat Analysis Group (TAG) researchers uncovered cyberespionage operations conducted by the Chinese People’s Liberation Army (PLA) and other China-linked APT groups that targeted Ukraine’s government to gather information on the ongoing conflict. Below is the tweet published by TAG chief Shane Huntley, who cited Google TAG Security Engineer Billy Leonard.
“It should come as no surprise that CN PLA and other CN intel orgs are acutely interested in the war in Ukraine. Over the last few weeks @Google TAG has identified a govt backed actor from CN targeting Ukrainian govt orgs, and we provided notifications to impacted parties.” wrote Leonard.
The Google TAG team notified the Ukrainian government organizations that were targeted by Chinese intelligence.
“Over the last few weeks Google TAG has identified a govt backed actor from CN targeting Ukrainian govt orgs, and we provided notifications to impacted parties,” Leonard said.
The hacktivist collective Intrusion Truth believes that the campaign was orchestrated directly by the Chinese government. The group announced that it is sharing IOCs with community partners and plans to provide additional details on the ongoing attacks in the future.
Google recently announced that it had blocked a phishing campaign conducted by the China-linked cyberespionage group APT31 (aka Zirconium, Judgment Panda, and Red Keres) and aimed at Gmail users associated with the U.S. government.
Google also reported that the China-linked Mustang Panda cyberespionage group (aka Temp.Hex) has targeted European entities with lures related to the Ukrainian invasion. In some attacks spotted by Google, threat actors used malicious attachments with file names such as ‘Situation at the EU borders with Ukraine.zip’. The researchers pointed out that this is the first time they have observed Mustang Panda targeting European entities; the group was regularly observed targeting Southeast Asian organizations.