China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions
Summary
A China-linked advanced persistent threat group, identified as UAT-8302 by Cisco Talos, has been targeting government entities in South America since late 2024 and in southeastern Europe in 2025. The group employs custom-made malware families for post-exploitation activities.
IFF Assessment
This article details the activities of a sophisticated nation-state-backed threat actor targeting government entities, activity that poses a significant risk to national security and sensitive information.
Defender Context
Defenders should be aware of sophisticated APT campaigns originating from China, particularly those targeting government entities. The use of custom malware suggests a high level of technical capability, necessitating robust threat intelligence, endpoint detection and response, and network monitoring to detect and prevent such intrusions.