A group of online attackers with ties to China are reportedly behind a full-scale cyber espionage campaign. The Google subsidiary Mandiant announced on Thursday that these target government agencies that are of interest to Beijing. “This is the largest cyberespionage campaign by a China-linked perpetrator since the mass exploitation of Microsoft Exchange in early 2021,” said Charles Carmakal, CTO of Mandiant, a cybersecurity company.
A group of online attackers with ties to China are reportedly behind a full-scale cyberespionage campaign. The Google subsidiary Mandiant announced on Thursday that these target government agencies that are of interest to Beijing. “This is the largest cyberespionage campaign by a China-linked perpetrator since the mass exploitation of Microsoft Exchange in early 2021,” said Charles Carmakal, technical director of Mandiant, a cybersecurity company.
The hackers damaged the computer security systems of hundreds of organizations with prepared e-mails. For some victims, the attackers stole emails from key employees working on issues of interest to the Chinese government, Carmakal said.
The company is “sure” that a group called UNC4841 is behind a far-reaching espionage campaign “in support of the People’s Republic of China.” The hackers attacked at least 16 countries and hit public and private organizations worldwide, the report said.
The focus was therefore on issues of high political importance for the Chinese government, especially in the Asia-Pacific region and Taiwan. Foreign ministries as well as research organizations and trade missions based in Hong Kong and Taiwan were attacked.
The espionage activities were discovered in May and are believed to have started in October last year.
The cyberattack on Microsoft Exchange in early 2021, blamed on a Beijing-backed Chinese hacker group, exploited a vulnerability in Microsoft’s email service. At least 30,000 US organizations were reported to have been affected.