Targeting of military and public institutions in Afghanistan and several east European countries

Date of report

August 2022

Affiliations

APT 18

The attackers sent phishing emails containing a malicious Microsoft Word document, which installed multiple Backdoors on targeted systems. The group likely used that access to conduct espionage.

Suspected victims

Manufacturers of military products and military contractors in Afghanistan and Eastern Europe

Suspected state sponsor

China

Type of incident

Espionage

Target category

Government
Military

Victim government reaction

Unknown

Policy response

Unknown

Golden ticket for industrial espionage: APT group takes over IT infrastructure
Chinese hackers use new Windows malware to backdoor govt, defense orgs

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events