A China-linked cybercrime group targeted Canadian and U.S. universities
Articles by the same author:
2
3
4
Radio-Canada reported on July 7, 2026, that a China-linked cybercrime group had, according to a Proofpoint report, targeted the physics and engineering departments of Canadian and U.S. universities. The attackers exploited known vulnerabilities in the Roundcube webmail software to steal login credentials, compromise servers, and exfiltrate sensitive information.
According to Proofpoint, the campaign specifically targeted astrophysics and particle physics units, as well as engineering departments associated with the national security sector. The researchers did not disclose the names of the affected universities or the nature of the data that may have been stolen.
Proofpoint stated that the tactics of the cybercrime group, dubbed “UNK_MassTraction,” “display characteristics consistent with operations conducted in support of China,” while noting that it could not conclusively determine any direct affiliation.