Security News > 2023 > July > Undiplomatic Chinese threat actor attacks embassies and foreign affairs departments

Infosec outfit Checkpoint says it's spotted a Chinese actor targeting diplomatic facilities around Europe.

Checkpoint has dubbed the campaign "SmugX" thanks to its use of HTML smuggling to deploy the PlugX remote access trojan.

PlugX phones home using RC4 encryption to mask its output.

Checkpoint recently linked the latter gang's activities to another China-adjacent campaign targeting European interests.

"SmugX is part of a larger trend we're seeing of Chinese threat actors shifting their focus to Europe," according to Checkpoint.

Thankfully the PlugX payload has not change markedly, meaning detection and defense measures are known quantities.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/07/04/smugx_europe_china_attack_europe/