Beijing-Linked Hackers Target Moscow in Increased Cyber Espionage Effort

Analysis suggests that state-sponsored hackers with ties to Beijing are increasingly focusing their cyber espionage effort on Moscow.

A cluster of China-linked threat activity has been observed targeting Russian organizations, according to researchers at SentinelLabs. The group known as Mustang Panda has targeted Russian organizations since the beginning of the war in Ukraine. Separately, a novel hacker group dubbed ‘Space Pirates’ penetrated Russia’s space tech industry.

According to a recent report, attackers use phishing emails to deliver Remote Access Trojans (RATs) via infected Microsoft Office documents. The threat actors use the Royal Road builder to drop the Bisonal backdoor. China-linked hackers often use both tools, suggesting Beijing was behind the attacks.

“While the overlap of cyber espionage operations attributed to China has been observed before, the targeting of Russia is a new development,” said SentinelLabs researcher Tony Gauda.

“This targeting of Russia by Chinese cyber espionage groups appears to be in response to the increased sanctions and other pressure that China has been facing from the West,” he added.

Cyber espionage groups such as Mustang Panda and Space Pirates will likely continue their operations against Russia as geopolitical tensions rise.

The recent increase in cyberattacks against government and commercial targets in Northeast Asia may suggest that the Chinese government is behind them. However, this is difficult to determine: the attacks seem to originate from China, but it is not certain that the Chinese government is responsible for them.

This group has been targeting Russian businesses with well-known attack tactics, like using counterfeit documents that exploit n-day flaws and tailored enticements for Russian companies.

Natalie Werner
Natalie Werner is a freelance writer and CISSP & CCSK Certified Cybersecurity specialist with over 20 years of experience in the banking industry. She's also co-founder and CEO at The Alliance for Cyber Security Excellence (The ACE), an international not-for-profit organization that provides cyber security solutions to reduce risk exposure from threats like hacks or malware infections by bringing together trusted experts across various fields, including information technology (IT). As well as providing specialized operational courses on how to maintain your digital assets within IT domains such as data protection, Natalie offers strategic training designed to help organizations better understand their own business needs when it comes to protecting against external risks brought about through technological advances.
