CyberScoop reports that Russian organizations have been increasingly attacked by Chinese state-sponsored hacking groups since Russia began its invasion of Ukraine in February.
China has been taking more aggressive action against Russian entities as it seeks more intelligence on Russia's actions in the war, according to SentinelOne Senior Threat Researcher Tom Hegel.
One of the campaigns launched by Chinese attackers was a credential-stealing malware campaign involving the use of a fake Russian Computer Emergency Response Team warning to deliver the long-running RoyalRoad and Bisonal malware strains, Hegel's analysis revealed. Utilization of established toolkits indicates shared resources across the Chinese threat landscape, according to Hegel.
"The fact that these toolkits evolve and continue to operate really speaks to how well they're resourced, and the state of the defense side. Nothing can really stop them from continuing to use this. It's still successful in many cases, as we see here. You look at the exploits they're using in these documents, they're years old exploits. They're popping people that are out of date by quite a few years," Hegel added.
Chinese state-sponsored attacks against Russia on the rise