Chinese hackers used Venezuela-themed phishing emails to target US
What's the story
A China-linked hacker group has been accused of using Venezuela-themed phishing emails to target US government and policy-related officials. The cyber-attack came shortly after the US operation to seize Venezuelan President Nicolas Maduro. The campaign was uncovered by cybersecurity firm Acronis, which discovered a zip file titled "US now deciding what's next for Venezuela" uploaded on January 5.
Malware details
Malware linked to previous cyberespionage campaigns
The zip file contained malware with code and infrastructure similar to those used in earlier cyberespionage campaigns attributed to a group known as Mustang Panda. While the specific targets of this hacking campaign remain unclear, researchers suspect it was aimed at US government entities and unnamed policy-related organizations. If successful, the malware would have allowed its operators to steal data from infected computers and maintain ongoing access.
Cyber group
Mustang Panda's history and US response
Mustang Panda, a long-running Chinese cyberespionage group, has been active since 2012. It has targeted organizations worldwide that are considered adversaries of the Communist Party. The US Department of Justice had previously identified Mustang Panda as a hacker group sponsored by the People's Republic of China. A spokesperson for the Chinese embassy in Washington denied these allegations, stating, "China firmly opposes the dissemination of false information about so-called 'Chinese cyber threats' for political purposes."