Vietnamese cyber-espionage has pivoted to Beijing's coronavirus response

[InfoSec News <alerts () infosecnews org>]

https://www.cyberscoop.com/vietnam-coronavirus-china-apt32-fireeye/

By Shannon Vavra
CYBERSCOOP
April 22, 2020

Hackers working on behalf of the Vietnamese government have been targeting
Chinese government organizations tasked with managing the country’s response to
the coronavirus pandemic, according to FireEye research published Wednesday.

The attackers specifically sent spearphishing emails laced with METALJACK
malware to employees at China’s Ministry of Emergency Management and the
government of Wuhan, where the virus is believed to have originated. The
malware, which was delivered via phishing emails, eventually gets loaded into
memory.

The hackers, which FireEye suspects to be a group called Ocean Lotus or APT32,
are just the latest state-backed hacking operation that has pivoted to targeting
the health care sector or coronavirus-related organizations in recent months.

Mandiant Threat Intelligence, a subsidiary of FireEye, consider APT32’s campaign
to be “part of a global increase in cyber-espionage related to the crisis,
carried out by states desperately seeking solutions and nonpublic information”
and is aimed at collecting more information on how China has been handling the
global health crisis.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_