CYBER BREACH: RedAlpha – Chinese-sponsored cyber-crime group has been hacking NGOs and Governments for years

Posted By: Iain Fraser – Cybersecurity Journalist  |  Consultant Cybersecurity Desk Editor
Evidence has emerged that RedAlpha, the Chinese-sponsored cybercrime group, has been conducting a “multi-year credential theft campaign” targeting humanitarian groups, think tanks and governments for years, as its designated title would suggest.
The revelation comes from Insikt Group, the threat research division of Recorded Future, one of the globe's leading intelligence firms.
Those targeted for “credential-phishing” since 2019 include the International Federation for Human Rights (FIDH), Amnesty International, the Mercator Institute for China Studies (MERICS), Radio Free Asia (RFA), the American Institute in Taiwan, Taiwan’s ruling Democratic Progressive Party (DPP), and India’s National Informatics Centre, according to Recorded Future.
The Insikt Group report details multiple campaigns conducted by the likely Chinese state-sponsored threat activity group RedAlpha. The activity was identified through a combination of large-scale automated network traffic analytics and expert analysis. Data sources include the Recorded Future® Platform, SecurityTrails, PolySwarm, DomainTools Iris, urlscan, and common open-source tools and techniques.
RedAlpha targeted the organisations with emails containing PDFs that, once clicked, would lead to a fake portal page used to collect their login credentials, the Massachusetts-based cybersecurity firm said. Recorded Future commented that RedAlpha likely targeted Taiwan-based organisations and human rights groups to gather intelligence on the self-governing democracy and ethnic and religious minority groups, respectively.
The findings will be of most interest to individuals and organizations with strategic and operational intelligence requirements relating to Chinese cyber threat activity, as well as global humanitarian, think tank, and government organizations. Prior to the publication of this report, Recorded Future notified all affected organizations of the identified activity to support incident response and remediation investigations.
About Insikt Group 
Insikt Group is Recorded Future’s threat research division, comprising analysts and security researchers with deep government, law enforcement, military, and intelligence agency experience.
About Recorded Future
With more than 1,500 clients across 66 countries, including the governments of 30 countries, over 50% of the Fortune 100 and 40% of the Forbes Global 100, and the largest holdings of interlinked threat data sets, Recorded Future is the world’s largest intelligence company.
