Google has issued a warning to "high-profile" Gmail users working for the US government that they may be the target of a phishing assault by Chinese state-sponsored threat actors.
APT31 (also known as Judgment Panda and Zirconium) was after many people's sensitive information, according to Google's Threat Analysis Group (TAG), and the phishing attempts were effectively blocked in its email service.
Russia, Belarus, China Allegedly Target Ukraine, Europe Through Phishing
TAG (Threat Analysis Group) also warned earlier this week about Russian, Belarusian, and Chinese threat actors using "widespread" phishing and Distributed Denial of Service (DDoS) assaults to target Ukrainian and European government and military organization endpoints. Since 2012, Google has sent alerts to affected consumers any time it detects attacks employing infrastructure related to state-sponsored threat actors.
The previous time APT31 made news, it was discovered using phishing to target Russian-based firms before distributing never-before-seen malware.
APT31 was extremely sophisticated in building and delivering the malware, according to Daniil Koloskov, Senior Threat Analysis Specialist at Positive Technologies at the time. It not only used a variety of detection-avoidance strategies, but it also self-destructed after achieving its objectives, erasing all traces of the files and registry keys it produced, Tech Radar reported.
Other hackers linked to Belarus have also targeted the refugee issue, according to Proofpoint, with phishing emails sent from a hacked account of a Ukrainian military officer.
The prolonged war is significant to China, whose President Xi Jinping has developed close connections with Russian President Vladimir Putin. Beijing has been encouraged to do more to intervene and help bring the war to a conclusion, but it has so far avoided denouncing Russia for its invasion of Ukraine as other countries have. China's foreign minister has stated that his nation's Red Cross will offer humanitarian help to Ukraine, according to Forbes.
US Predicts Cyberattacks Amid Russia-Ukraine War
At the time of publishing, the Chinese embassy in London had not replied to a request for comment. Despite these attacks, the all-out cyberwar that some had predicted would coincide with the ground invasion has not materialized. Matt Olney, director of threat intelligence and interdiction for Cisco Talos, says his company has been helping protect Ukrainian enterprises since 2015, when hackers, allegedly Russian, cut power supplies throughout parts of Ukraine.
The hackers took advantage of a previously unknown flaw in a commercial off-the-shelf technology used by 18 states for animal health management, according to the report. They also used a flaw in the Log4j software, which was discovered in December and was spotted in hundreds of millions of devices by US officials.
Hackers began exploiting the weakness just hours after an alert was released to the public, using it to re-compromise two state government networks.
The incident is tied to APT41, which was listed in a Justice Department indictment in 2020 charging Chinese hackers with hacking over 100 companies and organizations in the US and abroad, including social media and video game companies, colleges, and telecommunications providers, as per Independent.