Mustang Panda: China-Linked Hacker Group Targets US Government Entities with Geopolitical Phishing Campaign

Read Mustang Panda: China-Linked Hacker Group Targets US Government Entities with Geopolitical Phishing Campaign on RadioNOVO

Mustang Panda: China-Linked Hacker Group Targets US Government Entities with Geopolitical Phishing Campaign

A cyberattack campaign targeting US government-related entities was recently carried out by a hacker group with connections to China. The group, known as Mustang Panda, used Venezuela-themed phishing emails in their malware campaign, as reported by Swiss cybersecurity firm Acronis. While Acronis did not directly link Mustang Panda to China, other cybersecurity research teams have identified it as a China-based threat actor. Mustang Panda has been active since 2012 and has targeted organisations worldwide that are considered adversaries of the Communist Party.

In January last year, the US Department of Justice labeled Mustang Panda as a hacker group sponsored by the People’s Republic of China. However, the Chinese embassy in Washington denied these allegations, stating that China opposes all forms of hacking activities and does not support cyberattacks. The Chinese government has also criticized the US National Security Agency for allegedly attacking China’s national time center, accusing the NSA of exploiting security flaws to steal sensitive data.

In a separate incident, the DOJ indicted 12 Chinese nationals, including members of the alleged Beijing-backed hacking group APT27, for their involvement in cyberattacks. Mustang Panda's latest campaign used "geopolitical lures" in targeted phishing attempts, with Acronis uncovering a file named "US now deciding what’s next for Venezuela.zip" uploaded for malware analysis from a US-based IP address. This tactic reflects a growing trend of cyber attackers leveraging geopolitical themes to carry out their malicious activities.

In conclusion, the cyber threat landscape continues to evolve, with hacker groups like Mustang Panda using sophisticated tactics to target government entities and organisations worldwide. The use of geopolitical themes in phishing campaigns highlights the need for enhanced cybersecurity measures to protect against such threats.