An anonymous high-profile government organization located in Southeast Asia was the target of a Chinese state-sponsored cyber espionage operation.

Codenamed Crimson Palace, the cyber espionage operation involved accessing critical IT systems, reconnaissance, and lifting sensitive military and technical data information. The threat actor group also deployed various malware targeting command-and-control (C2) communications to support Chinese state interests. While the name of the government entity has not been revealed, the country is known to have “repeated conflict” with China over the South China Sea territory. Operation Crimson Palace is composed of three separate intrusion clusters that perform overlapping tasks and activities to conduct the coordinated operation.

Read more:

https://thehackernews.com/2024/06/chinese-state-backed-cyber-espionage.html