A hacker group with links to China recently used Venezuela-themed phishing emails in a malware campaign targeting US government-related entities, as cyberattack campaigns increasingly leverage geopolitical materials, according to Swiss cybersecurity firm Acronis.
The firm said that it attributed this activity to a group named Mustang Panda “with moderate confidence” based on certain infrastructural and operational patterns.
While Acronis did not identify Mustang Panda as a Chinese group, global cybersecurity research teams have described it as a China-based cyber threat actor.
It has been active since 2012 and has launched cyberattacks against organisations worldwide deemed adversaries of the Communist Party, according to Singapore-based cybersecurity firm Cyfirma. The US Department of Justice (DOJ) in January last year called Mustang Panda a hacker group sponsored by the People’s Republic of China.
“China has consistently opposed and legally combated all forms of hacking activities, and will never encourage, support or condone cyberattacks,” a spokesperson at the Chinese embassy in Washington wrote in an emailed statement to the Post.