Security News > 2022 > March > Google: Chinese state hackers target Ukraine’s government
Google's Threat Analysis Group says the Chinese People's Liberation Army and other Chinese intelligence agencies are trying to get more info on the ongoing Russian war in Ukraine.
Google TAG Security Engineer Billy Leonard says Google notified Ukrainian government organizations targeted by a Chinese-sponsored hacking group.
This aligns with claims made by the Intrusion Truth, a secretive group known for its work on exposing suspected Chinese hacking operations, on Tuesday saying that it's aware of Chinese threat actors targeting Ukraine, likely at the behest of the Chinese government.
Google TAG's report of ongoing Chinese cyber operations in Ukraine follows another warning issued one week ago regarding a Chinese-backed hacking group tracked as APT31 targeting Gmail users affiliated with the US government.
One day earlier, Google security analysts revealed that Russian and Belarusian targeted Ukrainian and European government and military orgs in widespread phishing and DDoS attacks.
"In the last 12 months, TAG has issued hundreds of government-backed attack warnings to Ukrainian users alerting them that they have been the target of government-backed hacking, largely emanating from Russia," said Shane Huntley, Google's TAG lead. Google added that the Chinese-backed hacking group Mustang Panda has also switched to phishing attacks against European organizations using lures related to the invasion of Ukraine.
News URL
Related news
- Chinese Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks (source)
- Chinese hackers use new data theft malware in govt attacks (source)
- Chinese hackers linked to cybercrime syndicate arrested in Singapore (source)
- Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware (source)
- Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign (source)
- Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- US says Chinese hackers breached multiple telecom providers (source)
- Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services (source)
- Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)