A Chinese-affiliated hacker group is targeting Russians using malware disguised as legitimate documents and downloads, cyber security experts have claimed.
China’s alleged actions against Russia are another twist in the complex relationship between the two countries.
Presently, China has not condemned Russia for its military actions in Ukraine – but it is reportedly altering its cyber position in response to the matter, The Register reports.
Researchers for American cybersecurity company Secureworks said in a report: “The war in Ukraine has prompted many countries to deploy their cyber capabilities to gain insight about global events, political machinations, and motivations.
“This desire for situational awareness often extends to collecting intelligence from allies and ‘friends’.”
The two frenemy nations have shared, messy feelings toward the United States as the West races to cripple Russia’s economy following the invasion of Ukraine.
The Chinese threat groups have infiltrated servers with a decoy document written in English, the security researchers claim.
If clicked, the decoy document allegedly installs three additional malicious files.
Part of the scheme is malware called PlugX that gives the hackers “access to the compromised host to extract sensitive system information, upload and download files, and execute a remote command shell,” according to the cybersecurity company.
Programs like PlugX are dubbed “remote access trojans”, or RATs, which give hackers unadulterated control of a device.