Researchers at Sophos published on Tuesday its second report covering what they call Crimson Palace — a Southeast Asia-based espionage campaign run by Chinese state-backed hackers.

news.sophos.com/en-us/2024/09/

Sophos examined activities last year by the three groups carrying out the campaign but after a brief hiatus researchers saw renewed activity from two of them in the fall of 2023 and throughout this year

therecord.media/chinese-hackin

Follow

The three groups — which Sophos calls Cluster Alpha, Cluster Bravo and Cluster Charlie — each have ties to Chinese state-backed groups previously identified by other companies and governments - including APT15 and a subgroup of APT41 known by some researchers as “Earth Longzhi.”

therecord.media/tag/apt41

therecord.media/apt15-nickel-g

The report follows up on one released in June about attacks on an unnamed government organization.

Sign in to participate in the conversation

CounterSocial is the first Social Network Platform to take a zero-tolerance stance to hostile nations, bot accounts and trolls who are weaponizing OUR social media platforms and freedoms to engage in influence operations against us. And we're here to counter it.