 |
|
|
.-') _ .-') _ |
|
( OO ) ) ( OO ) ) |
|
.-----. ,--./ ,--,' ,--./ ,--,' |
|
' .--./ | \ | |\ | \ | |\ |
|
| |('-. | \| | )| \| | ) |
|
/_) |OO )| . |/ | . |/ |
|
|| |`-'| | |\ | | |\ | |
|
(_' '--'\ | | \ | | | \ | |
|
`-----' `--' `--' `--' `--' |
|
lite.cnn.com - on gopher - inofficial |
|
|
|
|
|
ARTICLE VIEW: |
|
|
|
Google says China-linked cyber operations targeted Southeast Asia |
|
diplomats |
|
|
|
By John Liu, CNN |
|
|
|
Updated: |
|
|
|
4:13 AM EDT, Tue August 26, 2025 |
|
|
|
Source: CNN |
|
|
|
Diplomats in Southeast Asia were among global entities targeted by a |
|
China-linked cyber espionage group earlier this year, Google has |
|
announced, adding the group “likely aligned with the strategic |
|
interests” of the Chinese government. |
|
|
|
Google Threat Intelligence Group found that the campaign in March |
|
hijacked target web traffic, downloaded malware, and ultimately |
|
deployed a backdoor, it said in a detailing the findings. |
|
|
|
Google said it sent alerts to all users impacted by this campaign. The |
|
scope of impact and which Southeast Asian countries were targeted were |
|
not disclosed in the post. CNN has reached out to Google for further |
|
details. |
|
|
|
Asked about the Google findings on Tuesday, a spokesperson for |
|
China’s foreign ministry said it was unaware of the specific |
|
situation, while accusing Google of spreading “false information |
|
about so called ‘Chinese hacker attacks’ more than once.” |
|
|
|
For years, US officials across Republican and Democratic |
|
administrations have tried to come to grips with China’s formidable |
|
cyber capabilities. The FBI has said that China has a bigger hacking |
|
program than all other foreign governments combined. |
|
|
|
Multiple have been highlighted by the US government, including this |
|
year. |
|
|
|
Tech companies are also becoming more open in publicly naming when they |
|
detect state sponsored or state-aligned hacking campaigns. |
|
|
|
Google’s findings came after recent Microsoft reports of hacking |
|
attempts that also involved Chinese state-linked actors. Last month, |
|
Microsoft found that vulnerabilities of its servers for SharePoint, its |
|
online collaborative platform, were . |
|
|
|
That incident prompted the United States government’s Cybersecurity |
|
and Infrastructure Security Agency to , saying it notified “critical |
|
infrastructure organizations impacted,” as many US government |
|
agencies and companies use its service. |
|
|
|
Beijing denied its involvement in the hacking of Microsoft previously. |
|
|
|
Google attributed this latest hacking campaign to a China-linked cyber |
|
espionage group called UNC6384, which is believed to be associated with |
|
a China-linked threat actor known as Mustang Panda, or TEMP.Hex, it |
|
said. |
|
|
|
“UNC6384 and TEMP.Hex are both observed to target government sectors, |
|
primarily in Southeast Asia, in alignment with PRC strategic |
|
interests,” Google wrote in the post, referring to the People’s |
|
Republic of China. |
|
|
|
“This campaign is a clear example of the continued evolution of |
|
UNC6384’s operational capabilities and highlights the sophistication |
|
of PRC-nexus threat actors.” |
|
|
|
The malware deployed, called SOGU.SEC, is a “sophisticated, and |
|
heavily obfuscated, malware backdoor with a wide range of |
|
capabilities” and is commonly deployed by UNC6384 in cyber espionage |
|
activity, it added. |
|
|
 |
<- back to index |
