A hacking group suspected of acting on behalf of the Chinese government has carried out a multi-year espionage campaign against numerous governments, NGOs, think-tanks and news agencies, according to a new report.
The group, known as RedAlpha, has specialised in stealing login details from individuals in organisations considered to be of strategic interest to Beijing, according to the report released by cybersecurity firm Recorded Future.
Those targeted for “credential-phishing” since 2019 include the International Federation for Human Rights (FIDH), Amnesty International, the Mercator Institute for China Studies (MERICS), Radio Free Asia (RFA), the American Institute in Taiwan, Taiwan’s ruling Democratic Progressive Party (DPP), and India’s National Informatics Centre, according to Recorded Future.
RedAlpha targeted the organisations with emails containing PDFs that, once clicked, would lead to a fake portal page used to collect their login credentials, the Massachusetts-based cybersecurity firm said.
Recorded Future said RedAlpha likely targeted Taiwan-based organisations and human rights groups to gather intelligence on the self-governing democracy and ethnic and religious minority groups, respectively.
From The Shadows Emerges Knowledge