Google TAG sees China PLA group go after multiple Russian defence contractors

Written by , APAC Editor Chris Duckett APAC Editor

Chris started his journalistic adventure in 2006 as the Editor of Builder AU after originally joining CBS as a programmer. After a Canadian sojourn, he returned in 2011 as the Editor of TechRepublic Australia, and is now the Australian Editor of ZDNet.

Full Bio

Google’s Threat Analysis Group (TAG) has provided an update on cyber activity in Eastern Europe, which follows on from its March missive.

Overall, TAG said threat actors were increasingly using the Russian invasion of Ukraine as a phishing and malware lure, and were targeting critical infrastructure such as oil and gas, telecommunications, and manufacturing.

“Government-backed actors from China, Iran, North Korea and Russia, as well as various unattributed groups, have used various Ukraine war-related themes in an effort to get targets to open malicious emails or click malicious links,” TAG said.

“Financially motivated and criminal actors are also using current events as a means for targeting users.”

Proving that any target is fair game, TAG detailed the case of the Chinese People’s Liberation Army Strategic Support Force-linked Curious

Read More: