Written by AJ Vicens
May 5, 2022 | CYBERSCOOP
More details are emerging about the activities of a prolific Chinese government hacking group and how it’s used Russia’s invasion of Ukraine as part of its ongoing efforts to infiltrate a diverse range of target networks across three continents in pursuit of espionage and information theft.
Mustang Panda — otherwise known as Bronze President, HoneyMyte or RedDelta — has been targeting European and Russian entities using topical phishing lures coinciding roughly with the start of the Russian war to deliver malware. Some of the activity has been reported, but researchers with Cisco’s Talos Intelligence Group detailed Thursday previously unreported file samples, website domains and IP addresses associated with the wide-ranging campaigns.
“Mustang Panda is a highly motivated APT group relying primarily on the use of topical lures and social engineering to trick victims into infecting themselves.”
Cisco’s Talos threat intelligence researchers
The role of Chinese hacking efforts in connection with Russia’s invasion has been closely watched, but so far there hasn’t been substantial public reporting that the country’s open political alliance with China is reflected in its cyber efforts. Instead, Chinese hacking activities have followed traditional patterns of establishing long-term persistence in target