베이징과 연계된 해커들이 사이버 스파이 활동 강화로 모스크바를 노린다
7월 07, 2022 • security
Analysis suggests that state-sponsored hackers with ties to Beijing are increasingly focusing their cyber espionage effort on Moscow.
A cluster of China-linked threat activity has been observed to target Russian organizations, claim researchers at SentinelLabs. The group known as Mustang Panda has targeted Russian organizations since the beginning of the war in Ukraine. In contrast, a novel hacker group dubbed ‘Space Pirates’ penetrated Russia’s space tech industry.
According to a recent report, attackers use a phishing email to deliver Remote Access Trojans (RATs) via infected Microsoft Office documents. Threat actors use Royal Road builder to drop Bisonal backdoor. China-linked hackers often use both software, suggesting Beijing was behind the attacks.
“While the overlap of cyber espionage operations attributed to China has been observed before, the targeting of Russia is a new development,” saidSentinelLabs researcher Tony Gauda.
“This targeting of Russia by Chinese cyber espionage groups appears to be in response to the increased sanctions and other pressure that China has been facing from the West,” he added.
Cyber espionage groups such as Mustang Panda and Space Pirates will likely continue their operations against Russia as their geopolitical tensions rise.
The recent increase in cyberattacks against government and commercial targets in Northeast Asia may suggest that the Chinese government is behind them. However, it is difficult to determine whether or not this is the case. The attacks seem to originate from China, but it is not certain whether or not the Chinese government is responsible for them.
This group has been targeting Russian businesses with well-known attack tactics, like using counterfeit documents that exploit n-day flaws and tailored enticements for Russian companies.
보안
admin은 정부 기술의 선임 스태프 작가입니다. 이전에는 PYMNTS와 베이 스테이트 배너에 글을 썼으며 카네기 멜론에서 문예창작 학사 학위를 받았습니다. 현재 보스턴 외곽에 거주하고 있습니다.