New Chinese language APT marketing campaign discovered focusing on European embassies

A China-based superior persistent risk (APT) marketing campaign has been focusing on European authorities entities targeted on international and home insurance policies, in accordance with analysis by Verify Level.

The marketing campaign, dubbed SmugX, makes use of HTML smuggling, a way during which attackers disguise malicious payloads inside HTML paperwork.

Energetic since December 2022, the marketing campaign is probably going a direct continuation of a beforehand reported marketing campaign attributed to RedDelta and the Mustang Panda group, in accordance with the Verify Level report.

Marketing campaign focusing on European embassies

Verify Level stated it has been monitoring the Chinese language risk actor for 2 months and has concluded that it’s focusing on international and home coverage entities in addition to embassies in Europe.

“Mixed with different Chinese language primarily based group’s exercise beforehand reported by Verify Level Analysis, this represents a bigger pattern throughout the Chinese language ecosystem, pointing to a shift in goal in direction of European entities, with a deal with their international coverage,” the report added.

Other than the UK, the marketing campaign seems to be targeted on Jap European nations, together with the Czech Republic, Slovakia, and Hungary. The objective of the marketing campaign, as per Verify Level’s evaluation, is to “come up with delicate info on the international insurance policies of these nations.”