Washington DC [US], August 27 (ANI): A hacking group with ties to China targeted diplomats in Southeast Asia and multiple global entities earlier this year, according to The Epoch Times, citing Google. The campaign, identified by Google in March, was described as “likely in support of cyber espionage operations that align with the strategic interests of the People’s Republic of China (PRC),” according to a blog post by Google’s threat intelligence team on August 25.
The hackers used techniques such as captive portal hijacking to distribute malware disguised as legitimate software or plugin updates, enabling them to implant backdoors into the systems of targeted users. Google confirmed that affected Gmail and Workspace users had been notified, though the full extent of victims remains undisclosed.
The campaign has been linked to the hacker group UNC6384, believed to be connected with another China-affiliated cyberespionage group, TEMP.Hex, also known as Mustang Panda. Both groups are known to focus on government sectors in Southeast Asia, aligned with PRC strategic goals. The FBI recognizes Mustang Panda as a state-sponsored Chinese hacker group responsible for global cyber intrusions to collect sensitive data.
In January, the US Justice Department reported removing a variant of PlugX malware from over 4,200 computers, alleging that the Chinese regime financed Mustang Panda to develop and deploy the malware as part of broader cyber espionage initiatives. Targets included Western governments, nonprofit organisations, European shipping firms, Chinese dissident organisations, and governments across the Indo-Pacific, including Taiwan, Hong Kong, Japan, South Korea, Mongolia, India, Myanmar, Indonesia, the Philippines, Thailand, Vietnam, and Pakistan.
This revelation comes amid growing scrutiny of Chinese state-sponsored cyber operations. In July, Microsoft disclosed that two Chinese hacking groups exploited vulnerabilities in its SharePoint software to steal intellectual property and conduct espionage, targeting former government officials, military personnel, and organisations in sectors such as human rights, finance, and health.
Jeff Hoffmann, senior cyber fellow at The Gold Institute for International Strategy, commented that these efforts indicate the CCP is “actively seeking to explore potential vulnerabilities and to demonstrate that it has a presence,” highlighting the increasing scale and sophistication of state-backed cyber espionage. (ANI)
