APT32 Targeting Wuhan Government and Chinese Ministry of Emergency Management


From at least January to April 2020, suspected Vietnamese actors APT32 carried out intrusion campaigns against Chinese targets that Mandiant Threat Intelligence believes was designed to collect intelligence on the COVID-19 crisis.

Spear phishing messages were sent by the actor to China’s Ministry of Emergency Management as well as the government of Wuhan province, where COVID-19 was first identified.

While targeting of East Asia is consistent with the activity we’ve previously reported on APT32, this incident, and other publicly reported intrusions, are part of a global increase in cyber espionage related to the crisis, carried out by states desperately seeking solutions and nonpublic information.

Read more…
Source: FireEye