Chinese Hackers Target Russian Targets
Chinese government agents conduct a cyber campaign against Russian targets. That’s what Google’s security department says.
In a new report, Google’s Threat Analysis Group (TAG) notes that attackers are increasingly using Russia’s invasion of Ukraine for phishing attempts and spreading malware. That is not remarkable; attackers often use news facts, especially if they can cause an emotional reaction, to get people to click on their link.
TAG says those attacks are more often aimed at critical infrastructures such as oil and gas plants, telecom and factories.
However, it is interesting that despite that war, it is still ‘business as usual’ in espionage land. For example, TAG describes that groups linked to the Chinese military have targets in Ukraine and Central Asia and Russia itself. In addition, long-running campaigns in Russia continue against several government organizations, including the Ministry of Foreign Affairs.
In recent weeks, TAG has seen several new attacks from various suppliers to the Russian military and a Russian logistics company,” the report said.
From Russia itself, the focus seems to be mainly on Ukraine. However, according to TAG, groups linked to the FSB intelligence service are conducting campaigns against several Baltic states. For example, a Belarusian group, Ghostwriter, is said to have targeted Lithuanian organizations. This group is also said to be conducting a phishing campaign against people’s Gmail accounts in Ukraine. “No accounts were compromised, and Google will notify the users targeted by these attempts,” TAG said.
Since the beginning of this year, the number of cyberattacks in Eastern Europe, especially in Ukraine, has risen sharply. Moreover, many of the mainly Russian cyber attacks seem to intend to support the troops on the ground.