A previously unknown Chinese cyberespionage group, tracked as ‘Space Pirates’, targets enterprises in the Russian aerospace industry with spear-phishing attacks.
The group has been active since at least 2017, researchers believe it is linked with other China-linked APT groups, including APT41 (Winnti), Mustang Panda, and APT27.
The Space Pirates APT group focuses was spotted targeting government agencies and enterprises involved in aerospace, IT services, and electric power industries located in Russia, Georgia, and Mongolia.