Diplomatic entities in Belgium and Hungary hacked in China-linked spy campaign therecord.media/belgium-h…
Hungarian and Belgian diplomatic entities were allegedly targeted by a well-known Chinese hacking group in September and October.
Incident responders at Arctic Wolf Labs discovered an active cyber-espionage campaign they attributed to a China-affiliated threat actor tracked as UNC6384. In August, Google spotlighted a nearly identical campaign by the same group targeting diplomats in Southeast Asia with documents mimicking EU Council meeting agendas.
Arctic Wolf tracked the latest campaign over the last two months, writing in a blog post on Thursday that the attacks began with spearphishing emails centered on European Commission meetings, NATO-related workshops and multilateral diplomatic coordination events.
In addition to the Hungarian and Belgian targets, Arctic Wolf said it saw documents targeting Serbian government aviation departments, as well as other diplomatic entities in Italy and the Netherlands. The diplomatic targets focused specifically on cross-border policy, defense cooperation and multilateral coordination activities.
