Russian Organizations Increasingly Under Attack By Chinese APTs
released on 2022-07-08 @ 06:51:22 AM
SentinelLabs has identified a new cluster of threat activity targeting Russian organizations. They assess with high-confidence that the threat actor responsible for the attacks is a Chinese state-sponsored cyber espionage group, as also recently noted by Ukraine CERT (CERT-UA). The attacks use phishing emails to deliver Office documents to exploit targets in order to deliver their RAT of choice, most commonly Bisonal. SentinelLabs has also identified associated activity targeting telecommunication organizations in Pakistan leveraging similar attack techniques.