China-Nexus Actor Spied on US Researchers Undetected for a Year
Summary
Google has uncovered and dismantled a sophisticated Chinese-backed espionage campaign that operated undetected for a year, targeting US research institutions. The attackers used stolen RedCAP credentials to gain access and exfiltrate sensitive data.
IFF Assessment
FOE
This incident represents a significant success for a well-resourced threat actor, indicating successful espionage and data exfiltration against critical US institutions.
Defender Context
This campaign highlights the persistent threat of nation-state-sponsored espionage and the importance of robust credential management and detection capabilities. Defenders should be vigilant against sophisticated phishing and social engineering tactics aimed at obtaining access to research data platforms.