Micah McCartney
Dozens of systems used by government bodies and IT companies in Russia have reportedly become the targets of Chinese hackers.
Moscow-based cybersecurity provider Kaspersky Lab revealed that the backdoor malware used to gain access to the systems was "GrewApacha," a Trojan used since at least 2021 by the Chinese cyber-espionage group known as APT31 (Advanced Persistent Threat 31).
APT31 is believed to have ties to China's civilian spy agency, the Ministry of State Security (MSS). Earlier this year, the United States Justice Department indicted several Chinese nationals and one company for allegedly carrying out APT31 operations.
"During these attacks, attackers infected devices using phishing emails with attachments containing malicious shortcut files," read an August 8 report by Kaspersky Lab-managed website SecureList. Kaspersky has dubbed the Russia-centered hacking campaign "EastWind."
Clicking on these files prompts the installation of the malware, which receives its commands through the Dropbox cloud storage service.