A cyberespionage group whose targeting has historically been aligned with China’s geopolitical interests has been targeting European and Russian entities using topical spear-phishing lures connected to the war in Ukraine.
The group, tracked as Mustang Panda, RedDelta, Bronze President or TA416 by different cybersecurity firms, has been active since at least 2012 and over the years has targeted organizations in EU member states, the United States and Asian countries where China has interests. The targets have included diplomatic entities, think tanks, non-governmental organizations (NGOs), religious organizations, telecommunication companies, and political activists.
