logo
China Hacking
ASSOCIATED PRESS

Report: Chinese state-sponsored hacking group highly active

An American cybersecurity firm says a Chinese hacking group that is likely state-sponsored and has been linked previously to attacks on U.S. state government computers is still “highly active” and is focusing on a broad range of targets that may be of strategic interest to China’s government and security services

By DAVID RISING
Published - Mar 30, 2023, 06:34 AM ET
Last Updated - Jun 22, 2023, 12:01 PM EDT

BANGKOK (AP) — A Chinese hacking group that is likely state-sponsored and has been linked previously to attacks on U.S. state government computers is still “highly active” and is focusing on a broad range of targets that may be of strategic interest to China's government and security services, a private American cybersecurity firm said in a new report Thursday.

The hacking group, which the report calls RedGolf, shares such close overlap with groups tracked by other security companies under the names APT41 and BARIUM that it is thought they are either the same or very closely affiliated, said Jon Condra, director of strategic and persistent threats for Insikt Group, the threat research division of Massachusetts-based cybersecurity company Recorded Future.

Following up on previous reports of APT41 and BARIUM activities and monitoring the targets that were attacked, Insikt Group said it had identified a cluster of domains and infrastructure “highly likely used across multiple campaigns by RedGolf” over the past two years.

“We believe this activity is likely being conducted for intelligence purposes rather than financial gain due to the overlaps with previously reported cyberespionage campaigns,” Condra said in an emailed response to questions from The Associated Press.

Our Offices
  • 10kInfo, Inc.
    13555 SE 36th St
    Bellevue, WA 98006
  • 10kInfo Data Solutions, Pvt Ltd.
    Claywork Create
    11 km, Arakere Bannerghatta Rd, Omkar Nagar, Arekere,
    Bengaluru, Karnataka 560076
4.2 12182024