Security News > 2022 > May > China-linked Twisted Panda caught spying on Russian defense R&D

Chinese cyberspies targeted two Russian defense institutes and possibly another research facility in Belarus, according to Check Point Research.

Check Point Research also noted that around the same time that they observed the Twisted Panda attacks, another Chinese advanced persistent threat group Mustang Panda was observed exploiting the invasion of Ukraine to target Russian organizations.

Twisted Panda may have connections to Mustang Panda or another Beijing-backed spy ring called Stone Panda, aka APT10, according to the security researchers.

While the backdoor is new, the researchers noted that the obfuscation methods have been used together in earlier samples attributed to Stone Panda and Mustang Panda.

The victims - research institutes that focus on developing electronic warfare systems, military-specialized onboard radio-electronic equipment, avionics systems for civil aviation, and medical equipment and control systems for energy, transportation, and engineering industries - also tie the Twisted Panda campaign to China's five-year plan, which aims to expand the country's scientific and technical capabilities.

As Check Point Research concluded: "Together with the previous reports of Chinese APT groups conducting their espionage operations against the Russian defense and governmental sector, the Twisted Panda campaign described in this research might serve as more evidence of the use of espionage in a systematic and long-term effort to achieve Chinese strategic objectives in technological superiority and military power." .

News URL

https://go.theregister.com/feed/www.theregister.com/2022/05/20/china_twisted_panda/