Chinese espionage techniques
12/2/2023

Whether in peace or war, analysts are constantly on the lookout for what another country's capabilities are, what they are declaring they can do, and how those intentions may be carried out.

The intelligence cycle never slows down, John Blaxland from ANU's Strategic and Defence Studies Centre, and author of Revealing Secrets, told the ABC.

So what other techniques and technologies are countries using to snoop on each other, and what's proving valuable in a world of rising tensions?

The power of 'obvious' open source

The Pentagon has also insisted the spy balloon did not give China an intelligence collection capability above what it already has via satellites and other means.

It prompted urgent calls for a plan to "rip" the hundreds of devices out of government sites.

But in the vast and ever-evolving world of espionage, intelligence experts say China's tactics aren't particularly advanced.

Meanwhile, an audit found that Chinese government-linked equipment was found in hundreds of Australian Commonwealth buildings, including defence and foreign affairs offices.

“While none of the techniques observed in this campaign is new or unique, the combination of the different tactics, and the variety of infection chains resulting in low detection rates, enabled the threat actors to stay under the radar for quite a while,” warned Check Point.

NATO chief Jens Stoltenberg warned this week there had been increased Chinese intelligence activities in Europe, citing the use of satellites and cyber threats.

Palo Alto Networks released a lengthy report on the malware in 2021.

Check Point said it was tracking the campaign as SmugX and said it “overlaps with previously reported activity by Chinese APT actors RedDelta and Mustang Panda.”

PlugX has also been discovered on USB drives being used to target people in Mongolia, Papua New Guinea, Ghana, Zimbabwe, and Nigeria.
The PlugX malware itself remained a recognizable variant of the tool, which has previously been used by multiple suspected Chinese threat groups, including to target the Vatican in 2020, an Indonesian intelligence service in 2021 and Ukraine in 2022.

HTML smuggling is a hacking technique that has been used in various forms for years, exploiting HTML features to conceal data and files from automated content filters by including them as JavaScript blobs that get reassembled on the target’s machine.

These lures included a letter allegedly originating from the Serbian Embassy in Budapest, a document stating the priorities of the Swedish presidency of the Council of the European Union, and an article about two Chinese human rights lawyers sentenced to more than a decade in prison.

Samples of lures posted to the VirusTotal malware repository had filenames that “strongly suggest that the intended victims were diplomats and government entities,” according to Check Point, while the lure material itself “contained diplomatic-related content,” which “in more than one case … was directly related to China.”

The hackers were spotted using a new delivery method to deploy the modular PlugX malware implant, effectively smuggling it inside HTML documents, something which Check Point warned had “until recently helped the campaign fly under the radar.”

The espionage campaign “represents a larger trend within the Chinese ecosystem, pointing to a shift to targeting European entities, with a focus on their foreign policy,” researchers from Check Point said Monday.

Chinese hackers target European embassies with HTML smuggling technique

Chinese cyber spies have been targeting the foreign affairs ministries and embassies of European states in recent months, according to new research.
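
A mail or web gateway can look for the reassembly pattern that the HTML smuggling paragraph above describes. The following is an added example, not code from Check Point's report or the original article: a static heuristic that flags an HTML file only when a large encoded string, a decode or Blob call, and a save trigger appear together in inline script. The indicator lists, the 2048-character threshold and the sample documents are assumptions constructed for illustration.

```python
import base64
import re
from html.parser import HTMLParser

# Heuristic indicator groups; these are assumptions, not rules from the Check Point report.
DECODE = re.compile(r"\batob\s*\(|\bnew\s+Blob\s*\(|Uint8Array")
SAVE = re.compile(r"createObjectURL|msSaveOrOpenBlob|\.download\s*=|\.click\s*\(")
JOIN = re.compile(r"""["']\s*\+\s*["']""")  # 'abc' + 'def' string concatenation

class ScriptCollector(HTMLParser):
    """Collects the text of every inline <script> element."""
    def __init__(self):
        super().__init__()
        self.in_script, self.scripts = False, []
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.in_script = True
            self.scripts.append("")
    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False
    def handle_data(self, data):
        if self.in_script:
            self.scripts[-1] += data

def scan_html(html, min_run=2048):
    """Flag a document only when an encoded blob, a decoder and a save trigger co-occur."""
    collector = ScriptCollector()
    collector.feed(html)
    collector.close()
    # Undo literal chunking so a payload split into short strings is measured whole.
    js = JOIN.sub("", "\n".join(collector.scripts))
    runs = re.findall(r"[A-Za-z0-9+/]{%d,}={0,2}" % min_run, js)
    result = {"encoded_chars": sum(map(len, runs)),
              "decodes": bool(DECODE.search(js)), "saves": bool(SAVE.search(js))}
    result["suspicious"] = bool(runs) and result["decodes"] and result["saves"]
    return result

# Constructed samples: benign filler bytes, deliberately non-functional script fragments.
_B64 = base64.b64encode(b"constructed benign filler " * 200).decode()
_TAIL = "); var b = new Blob([d]); link.href = URL.createObjectURL(b); link.click();"
SMUGGLED = "<html><script>var d = atob('" + _B64 + "'" + _TAIL + "</script></html>"
_CHUNKS = "'+'".join(_B64[i:i + 100] for i in range(0, len(_B64), 100))
CHUNKED = "<html><script>var d = atob('" + _CHUNKS + "'" + _TAIL + "</script></html>"
INLINE_IMAGE = "<html><script>img.src = 'data:image/png;base64," + _B64 + "';</script></html>"

if __name__ == "__main__":
    for name in ("SMUGGLED", "CHUNKED", "INLINE_IMAGE"):
        print(name, scan_html(globals()[name]))
```

The inline-image sample carries the same encoded string but no decoder or save trigger, so it is not flagged; requiring all three signals is what keeps ordinary pages with embedded data URIs out of the alert queue.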