"Between late December and mid-January, China-based hackers sent emails with files that pretended to be official U.S. diplomatic summaries or policy documents. The attack did not rely on a software vulnerability. Simply opening the file was enough to trigger the compromise. The malware is designed to collect data and maintain persistent access to the affected device. Dream is attributing the campaign to the China-linked cyberespionage group Mustang Panda."
"Between the lines: Mustang Panda is notorious for targeting the U.S. and other regions with phishing lures as a way to break into systems and steal state secrets. The intrigue: One of Dream's AI agents first uncovered the attack - marking what Hulio says is the first known case of an AI agent detecting a China-linked espionage campaign in the wild."
Israel-based security firm Dream uncovered a phishing campaign that targeted officials involved in diplomacy, elections, and international coordination worldwide. Between late December and mid-January, China-based hackers sent emails with attached files posing as official U.S. diplomatic summaries or policy documents. The attacks relied on malicious files that executed upon opening, not on software vulnerabilities, delivering malware designed to collect data and maintain persistent access to infected devices. Dream attributes the campaign to China-linked Mustang Panda, a group known for using phishing lures to steal state secrets. One of Dream's AI agents first detected the campaign, signaling AI's growing role in espionage detection and attack methods.
Read at Axios
Unable to calculate read time
Collection
[
|
...
]