The Chinese-linked cyberespionage group ‘Mustang Panda’ targeted U.S. government and policy-related officials with phishing emails themed around Venezuela. The campaign, uncovered by Acronis, exploited geopolitical events to infect systems and steal data. The U.S. Department of Justice recognizes Mustang Panda as a hacker group backed by China.
A Chinese-linked cyberespionage group, identified as ‘Mustang Panda,’ has recently targeted U.S. government and policy-related officials through Venezuela-themed phishing emails, cybersecurity researchers revealed on Thursday.
This campaign, as reported by Acronis’ Threat Research Unit, leveraged the geopolitical tension following the U.S. operation against Venezuelan President Nicolas Maduro. By uploading a zip file labeled ‘US now deciding what’s next for Venezuela,’ the group sought to establish footholds within U.S. government entities. The file, containing malware, was uploaded shortly after the U.S. seized Maduro.
The researchers found that the malware, once implanted, could facilitate data theft from targeted computers. The campaign reflects Mustang Panda’s method of exploiting timely global events. While the exact targets remain unidentified, historical patterns and technical indicators suggest U.S. and policy-related entities were the focus. China’s embassy in Washington asserts opposition to hacking, dismissing allegations as politically motivated.
