Chinese state-sponsored attacks against Russia on the rise

CyberScoop reports that Russian organizations have been increasingly attacked by Chinese state-sponsored hacking groups since Russia began its invasion of Ukraine in February. China has been launching more aggressive action against Russian entities as it seeks to obtain more intelligence regarding Russia's actions in the war, according to SentinelOne Senior Threat Researcher Tom Hegel. One of the campaigns launched by Chinese attackers was a credential-stealing malware campaign involving the use of a fake Russian Computer Emergency Response Team warning to deliver the long-running RoyalRoad and Bisonal malware strains, Hegel's analysis revealed. Utilization of established toolkits indicates shared resources across the Chinese threat landscape, according to Hegel. "The fact that these toolkits evolve and continue to operate really speaks to how well theyre resourced, and the state of the defense side. Nothing can really stop them from continuing to use this. Its still successful in many cases, as we see here. You look at the exploits theyre using in these documents, theyre years old exploits. Theyre popping people that are out of date by quite a few years," Hegel added.