RedFoxtrot cyber threat group, which is believed to have links with the Chinese military, has been targeting Indian organizations since becoming active in 2014. This hacker group has particularly focussed on targeting Indian institutions ranging from defense, telecommunications, mining, and research.

Along with India, the other countries targeted by this hacker group include Afghanistan, Pakistan,  Uzbekistan Kazakhstan, Kyrgyzstan, and Tajikistan. An article in Economic Times has revealed that recently, cyber espionage activity, attributed to this group, was observed.

Take a Moment to Stay Tuned Forever

Subscribe to get weekly cyber security updates!

Links Between RedFoxtrot and the Chinese Military

The article mentions that specific ties were observed between RedFoxtrot’s activity and the Chinese military’s intelligence wing. This hacker group’s activity was linked to intrusions that targeted different sectors around Asian countries that border China.

RedFoxtrot is known to maintain a huge arsenal of operational infrastructure and uses a wide variety of malware frequently used by Chinese cyber espionage groups.

Based on the common use of methodology and capabilities, the links of RedFoxtrot have been firmly established with the Chinese People’s Liberation Army’s Unit 69010.

Recent History

In the month of March 2021, it came to light that Chinese hackers have been targeting Indian vaccine producers Bharat Biotech and Serum Institute of India. A report by Reuters revealed that a Chinese hacker group which goes by the name APT10, also known as Stone Panda, exploited vulnerabilities present in the IT infrastructure of these vaccine-producing firms.

While the companies chose not to comment on this matter, the Computer Emergency Response Team (CERT-IN) said that the matter had been given to its operations director for further action.

In November 2020, Microsoft had come up with a warning that cyber attackers were targeting vaccine makers in India, France, Canada, United States, and South Korea. Many of these hacker groups were believed to be state-backed with the intention to disrupt global vaccine production and distribution.

Like reading cyber security news? Here’s something more:

Turn Your Employees Into A Cyber Threat Shield

Make your employees proactive against prevailing cyber attacks with ThreatCop!

Leave a comment

Your email address will not be published. Required fields are marked *