Warning: Undefined array key "HTTP_ACCEPT_LANGUAGE" in /home/u596154002/domains/usbusinessreviews.com/public_html/wp-includes/load.php on line 2057

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the rank-math domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u596154002/domains/usbusinessreviews.com/public_html/wp-includes/functions.php on line 6114
Google TAG sees China PLA group go after multiple Russian defence contractors - Best Business Review Site 2024

Google TAG sees China PLA group go after multiple Russian defence contractors

[ad_1]

russia data center

Google’s Threat Analysis Group (TAG) has provided an update on cyber activity in Eastern Europe, which follows on from its March missive.

Overall, TAG said threat actors were increasingly using the Russian invasion of Ukraine as a phishing and malware lure, and were targeting critical infrastructure such as oil and gas, telecommunications, and manufacturing.

“Government-backed actors from China, Iran, North Korea and Russia, as well as various unattributed groups, have used various Ukraine war-related themes in an effort to get targets to open malicious emails or click malicious links,” TAG said.

“Financially motivated and criminal actors are also using current events as a means for targeting users.”

Proving that any target is fair game, TAG detailed the case of the Chinese People’s Liberation Army Strategic Support Force-linked Curious Gorge group, which has been hunting targets in Russia, Ukraine, and Central Asia.

“In Russia, long running campaigns against multiple government organisations have continued, including the Ministry of Foreign Affairs. Over the past week, TAG identified additional compromises impacting multiple Russian defense contractors and manufacturers, and a Russian logistics company,” it said.

Another Chinese group known as either Bronze President, Mustang Panda, TA416, or RedDelta has recently turned its attention to Russia.

“This suggests that the threat actors have received updated tasking that reflects the changing intelligence collection requirements of the People’s Republic of China (PRC),” researchers from Secureworks said.

From the Russian side, TAG said state-backed Fancy Bear group went after targets in Ukraine with malware built using .Net to email cookies and passwords from Chrome, Edge, and Firefox browsers to a compromised account.

Meanwhile, the FSB-aligned Turla group was conducting campaigns against defence and cybersecurity entities from Baltic nations using malicious docx files, and Coldriver continued to use compromised Gmail accounts to target government and defence officials, politicians, NGOs, think tanks, and journalists with malicious files intended to get them onto a phishing domain.

Not to be left out, the Belarusian actor Ghostwriter has resumed phishing to go after Gmail accounts, but has so far come up empty, TAG said. The group also conducted a Facebook phishing campaign mainly targeting Lithuanians.

“Upon discovery, all identified websites and domains were added to Safe Browsing to protect users from further exploitation. We also send all targeted Gmail and Workspace users government-backed attacker alerts notifying them of the activity,” TAG said.

Last week, Microsoft said it had seen six Russian state-sponsored groups launch 237 cyberattacks against Ukraine in the weeks leading up to the invasion.

Related Coverage

[ad_2]

Source link

slot gacor slot gacor togel macau slot hoki bandar togel slot dana slot mahjong link slot link slot777 slot gampang maxwin slot hoki slot mahjong slot maxwin slot mpo slot777 slot toto slot toto situs toto toto slot situs toto situs toto situs toto situs toto slot88 toto slot slot gacor thailand slot bet receh situs toto situs toto slot toto slot situs toto situs toto situs toto situs togel macau toto slot slot demo slot pulsa slot pragmatic situs toto deposit dana 10k surga slot toto slot link situs toto situs toto slot situs toto situs toto slot777 slot gacor situs toto slot slot pulsa 10k toto togel situs toto slot situs toto slot gacor terpercaya slot dana slot gacor pay4d agen sbobet kedai168 kedai168 deposit pulsa situs toto slot pulsa situs toto slot pulsa situs toto situs toto situs toto slot dana toto slot situs toto slot pulsa toto slot situs toto slot pulsa situs toto situs toto situs toto toto slot toto slot slot toto akun pro maxwin situs toto slot gacor maxwin slot gacor maxwin situs toto slot slot depo 10k toto slot toto slot situs toto situs toto toto slot toto slot toto slot toto togel slot toto togel situs toto situs toto toto slot slot gacor slot gacor slot gacor situs toto situs toto cytotec toto slot situs toto situs toto toto slot situs toto situs toto slot gacor maxwin slot gacor maxwin link slot 10k slot gacor maxwin slot gacor slot pulsa situs slot 10k slot 10k toto slot toto slot situs toto situs toto situs toto bandar togel 4d toto slot toto slot