China-backed hackers targeted EU officials to try and steal economic secrets, US cybersecurity firm says

China-backed hackers targeted EU officials to try and steal economic secrets, US cybersecurity firm says

  • Hackers from a group known for targeting Tibetan dissidents sent phishing emails mimicking WHO Covid-19 guidance, according to US firm Proofpoint
  • It said in a report on Wednesday that the malware, known as Sepulcher, allows attackers to read, write and delete files, among other things

A Chinese nation-state hacker group targeted European government officials, diplomats, non-profit organisations and other global entities in a phishing campaign designed to gather intelligence about global economies reeling from the coronavirus pandemic, according to a US cybersecurity firm.In March, hackers from a group known as APT TA413 sent phishing emails mimicking the World Health Organisation’s Covid-19 guidance in an attempt to lure victims into clicking on an attachment containing malicious code, the California-headquartered Proofpoint said in a report on Wednesday. It said the malicious email was sent to “numerous entities involved with economic policy and forecasting within Europe”.

The same strain of malware was discovered in a phishing campaign in July targeting Tibetan dissidents, which the TA413 hacker group is best known for targeting, Proofpoint said.

The malware, called Sepulcher, allows attackers to read, write and delete files, among other functionalities. It is not clear to what extent the hackers were able to penetrate the networks of the groups that were targeted.