Chinese hackers target minority groups, NGOs in broad-ranging cyber campaign

hackers have launched a broad against international minority , nongovernmental organizations, and governments, distributing weaponized documents through email, cybersecurity researchers say.

Why it matters: The group, dubbed Mustang Panda, is an advanced persistent (APT) group, typically state-backed hackers involved in long-term clandestine espionage campaigns.

  • The latest offensive has run since November 2018 and covers a wide range of governmental and private sector targets.
  • China’s state-backed hackers often target countries and industries that are strategically important, including nations that form part of China’s Belt and Road Initiative and sectors aligned with the country’s technological development goals.

“The lure documents are themed to be relevant to their targets, and in some cases are copies of legitimate documents that are publicly available… The use of United Nations’ documents regarding activities in the Middle East may also be indicative of think-tank targeting.”

Researchers at cybersecurity firm Anomali

Details: Anomali identified around 15 different documents created or used by Mustang Panda, which range from files claiming to come from the Vietnam government to others that impersonate documents from religious organizations.

  • Mustang Pandas targets include the Shan Tai, a Southeast Asian minority group, whose members are primarily Theravada Buddhists, the Communist Party of Vietnam, people interested in the United Nations’ Security Council Committee’s resolutions relating to the Islamic State in Iraq and the Levant, and China Zentrum, a German non-profit, among others.
  • The researchers were able to link the campaign with Mustang Panda by analyzing tactics that both have in common.
  • Anomali said that the distribution of the documents has not been confirmed, though it is likely to be part of a spearfishing campaign, an email scam that targets specific individuals or organizations.
Also Read:  How to protect yourself in a data breach if your bank gets hacked

Context: Mustang Panda’s broad range of targets is noteworthy since China’s APT groups are usually specific in their focus. For example, APT19 focuses on espionage in the legal and investment sectors, while APT40 typically targets Belt and Road nations.

  • A number of these groups focus on sectors that China hopes to develop, with the primary goal of aiding in the country’s technological advancement. These groups have been accused of targeting foreign firms to intellectual property.

You might also like More from author

Leave A Reply

Your email address will not be published.