Particle.news


Google Links Southeast Asia Diplomat Hacks to China‑Aligned UNC6384

Beijing rejects Google's attribution to a China‑aligned hacking cluster.


Overview

  • Google detailed a March campaign that hijacked Wi‑Fi access, used social engineering with a fake Adobe plug‑in, and deployed a memory‑resident backdoor called SOGU.SEC.
  • About two dozen victims downloaded the malware, according to Google security engineer Patrick Whitsell, who did not disclose the nationalities of those targeted.
  • Google said it alerted impacted users and did not quantify what data, if any, was exfiltrated from compromised devices.
  • The company attributed the activity to UNC6384 and, in its blog post, described links it believes associate the cluster with the China‑linked group known as Mustang Panda or TEMP.Hex.
  • China’s foreign ministry said it was unaware of the specific case and accused Google of previously spreading false information, as the disclosure adds to ongoing US‑China cybersecurity tensions.