For months, Chinese cybercriminals scraped Australian computer networks in search of crucial defence and energy-related data. The “Red Ladon” group, which is allegedly connected to the Chinese government, set up a fake Australian publication in an attempt to pressure Australian employees with access to sensitive information into clicking a link that would infect their computers with malware, according to American cyber security firm Proofpoint.
According to reports, employees at well-known media firms, defence, and health organisations were targeted for three months in 2022, particularly during the Federal Election.
According to the Australian, the South China Sea-related sensitive defence, navy, and energy information was the target of the phishing scheme. The emails attempted to get recipients to visit Australian Morning News, a bogus website that was infected with malware that would allow spies to access the personal information of their victims.
Red Ladon (also known as TA423), according to Proofpoint Vice President of Threat Research and Detection Sherrod DeGrippo, is one of the largest risks to cyber security around the globe.
