The US Department of Justice released an extensive indictment on APT31, tracked by Proofpoint threat researchers as #TA412. The noted activity resulted in the compromise of millions of Americans’ work and personal email accounts, cloud storage accounts and telephone call records. https://www.justice.gov/usao-edny/pr/seven-hackers-associated-chinese-government-charged-computer-intrusions-targeting
Proofpoint has been actively tracking and disrupting TA412 campaigns against our customers since 2017.
Notably, in 2022, Proofpoint reported on TA412’s use of web beacons to target US-based journalists, particularly those covering US politics and national security during events that gained international attention.
@threatinsight observed a focus on Washington DC and White House correspondents directly preceding the January 6th, 2021 US Capitol attack.
Proofpoint 2022 blog: https://www.proofpoint.com/us/blog/threat-insight/above-fold-and-your-inbox-tracing-state-aligned-activity-targeting-journalists
Additionally, Proofpoint researchers identified a resumption of journalist targeting on February 9, 2022. These campaigns strongly indicated a desire to collect on US-based media organizations and contributors with a focus on those reporting on US and European engagement in the anticipated Russia-Ukraine war.
“These allegations pull back the curtain on China’s vast illegal hacking operation that targeted sensitive data from U.S. elected and government officials, journalists and academics; valuable information from American companies; and political dissidents in America and abroad. Their sinister scheme victimized thousands of people and entities across the world, and lasted for well over a decade,” stated U.S. Attorney Peace. “America’s sovereignty extends to its cyberspace. Today’s charges demonstrate my Office’s commitment to upholding and protecting that jurisdiction, and to putting an end to malicious nation state cyber activity.”
Tarnkappe.info
Threat Insight