China-backed hackers targeted EU officials to try and steal economic secrets, US cybersecurity firm says
- Hackers from a group known for targeting Tibetan dissidents sent phishing emails mimicking WHO Covid-19 guidance, according to US firm Proofpoint
- It said in a report on Wednesday that the malware, known as Sepulcher, allows attackers to read, write and delete files, among other things
US indicts Chinese hackers on charges of targeting coronavirus vaccine data
The same strain of malware was discovered in a phishing campaign in July targeting Tibetan dissidents, which the TA413 hacker group is best known for targeting, Proofpoint said.
The malware, called Sepulcher, allows attackers to read, write and delete files, among other functionalities. It is not clear to what extent the hackers were able to penetrate the networks of the groups that were targeted.
01:40
Chinese PLA officers charged with stealing personal data of Americans in Equifax credit agency hack
The campaign’s focus on economic, diplomatic and legislative entities in Europe suggests a momentary realignment for the Chinese hackers “to collect information on global economies cast into upheaval as a result of Covid-19,” according to the report.
Top officials at the WHO have also been targeted by suspected nation-state hackers earlier this year as they continue to lead the global response to the coronavirus pandemic.