EN
  • Cyber stability
  • Secops
  • Risks management
  • Digital transformation
  • Digital Sovereignty
  • Cybercrime
  • Industry and OT
  • Fraud
  • Digital identity
  • Cyber +
    • China: cyber espionage against Russia

    China: cyber espionage against Russia

    Written by
    The Editorial Team
    05.05.22
    Cyber stability
    01
    MIN
    China: cyber espionage against Russia
    China: cyber espionage against Russia
    China: cyber espionage against Russia
    Image Russia's offensive on "digital sovereignty" in Africa
    Cyber stability
    04.12.24 Cyber stability
    Next article
    Russia’s offensive on “digital sovereignty” in Africa
    Read
    06
    MIN
    Image The US neutralizes the infiltration of the pro-China Volt Typhoon cyber group
    Cyber stability
    02.08.24 Cyber stability
    Next article
    The US neutralizes the infiltration of the pro-China Volt Typhoon cyber group
    Read
    02
    MIN
    Image Ukrainian military intelligence increases cyberattacks against Russian targets
    Cyber stability
    02.05.24 Cyber stability
    Next article
    Ukrainian military intelligence increases cyberattacks against Russian targets
    Read
    01
    MIN
    Image Pro-Russian group Midnight Blizzard gained access to emails of Microsoft executives
    Cyber stability
    01.30.24 Cyber stability
    Next article
    Pro-Russian group Midnight Blizzard gained access to emails of Microsoft executives
    Read
    01
    MIN

    On 27 April 2022, Secureworks uncovered a cyber espionage campaign specifically targeting Russia and attributed to China.

    « The war between Russia and Ukraine has prompted many countries to deploy their cyber skills to better understand political machinations and motivations. This need (…) extends to gathering sensitive information from friends. »

    This is the conclusion of a report published on 27 April 2022 by Secureworks, which revealed a massive phishing campaign against Russian officials, launched from servers previously attributed to the Chinese cybercriminal group Bronze President (also identified as HoneyMyte and Mustang Panda).

    The group is known for its proprietary Trojan horse (PlugX) and for its modus operandi (using publicly available documents to transport its malware).

    In the case of this campaign, Bronze President allegedly used official EU texts on sanctions against Belarus, posing as PDF files but in fact containing a new ‘.exe’ version of PlugX. The files were named after Blagoveshchensk, a Russian city near the Chinese border. For Secureworks, this name proves that the campaign targeted Russian officials in that region.

    During April 2022, Proofpoint and ESET had also spotted PlugX variants in other attacks against state bodies. Secureworks concludes that a large Chinese espionage campaign is probably underway.

    The Editorial Team
    05.05.22
    Articles by the same author:
    1
    04.23.24 Secops
    Akamai to buy Noname Security for 500 million dollars
    Read
    01
    MIN
    2
    04.10.24 Cyber +
    Cahiers inCyber : “In Cloud We Trust”
    Read
    01
    MIN
    3
    03.05.24 Digital Sovereignty
    Government administration: France and Germany join forces to develop sovereign tools
    Read
    02
    MIN
    4
    03.05.24 Cyber stability
    Israel-Hamas cyberwar : Google emphasizes key role of Iran
    Read
    02
    MIN
    Image Russia's offensive on "digital sovereignty" in Africa
    Cyber stability
    04.12.24 Cyber stability
    Next article
    Russia’s offensive on “digital sovereignty” in Africa
    Read
    06
    MIN
    Image The US neutralizes the infiltration of the pro-China Volt Typhoon cyber group
    Cyber stability
    02.08.24 Cyber stability
    Next article
    The US neutralizes the infiltration of the pro-China Volt Typhoon cyber group
    Read
    02
    MIN
    Image Ukrainian military intelligence increases cyberattacks against Russian targets
    Cyber stability
    02.05.24 Cyber stability
    Next article
    Ukrainian military intelligence increases cyberattacks against Russian targets
    Read
    01
    MIN
    Image Pro-Russian group Midnight Blizzard gained access to emails of Microsoft executives
    Cyber stability
    01.30.24 Cyber stability
    Next article
    Pro-Russian group Midnight Blizzard gained access to emails of Microsoft executives
    Read
    01
    MIN
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.