Chinese cyberspies infiltrate Australia with fake news site: Australian Morning News: Red Ladon

Cunning Chinese cyberspies have successfully infiltrated Australian computer systems to steal sensitive information in support of Beijing’s militarization of the South China Sea.

The spies, linked to China’s Ministry of State Security, launched a fake media company to collect information from Australian workers in the defense, health, energy and government sectors.

Beijing’s scam began with a series of emails in the run-up to May’s general election, with a message from a self-proclaimed “humble” digital news website called Australian Morning News, urging recipients to click a link that would infect their computers with malware and compromise their privacy.

Pictured: Chinese Navy sailors march in Tiananmen Square in October 2019

Upon closer inspection, the site contained plagiarized articles, photos, and headlines from popular imprints.

The domain name was first registered on April 8, 2022 under the false name “Florence Gourley”.

The hackers have been targeting Australia for three months in the run-up to the 2022 vote, affecting computers not only Down Under but also in Europe and Malaysia.

However, American cybersecurity firm Proofpoint and PwC Threat Intelligence were able to identify the group, reports The Australian.

Sherrod DeGrippo, vice president of threat research and detection at Proofpoint, said Red Ladon’s hackers were persistent

The government-backed cyber attackers belonged to a group called Red Ladon, or TA423, and were likely the same group of Chinese spies responsible for a similar attack on Australia two years ago.

Scott Morrison shocked the nation by detailing how unnamed “state actors” had targeted banks, universities, hospitals, transportation networks, power grids and the military in a protracted campaign of cyberwar in June 2020.

Insiders at the time claimed the cyber invasion was payback for Australia’s decision to ban Chinese state-owned Huawei from the national 5G network in 2018 over national security concerns.

Between April and June this year, hackers also targeted companies involved in operating power generators in the South China Sea, where the authoritarian power is creating artificial islands in violation of international law.

Sherrod DeGrippo, vice president of threat research and detection at Proofpoint, said Red Ladon’s spies were particularly “cunning and persistent.”

Pictured: Chinese President Xi Jinping and Australian Prime Minister Anthony Albanese

“They support the Chinese government on South China Sea-related matters, including during recent tensions in Taiwan,” she told The Australian.

Ms. DeGrippo suspects the group is primarily interested in naval issues in the contested seas and has increased efforts to access sensitive information as China becomes aggressive in the region.

Proofpoint said the hackers focused much of their efforts on global manufacturers operating wind turbines in the South China Sea, using emails with subject lines like “sick leave” and “user research” to access computer systems.

“TA423/Red Ladon is a China-based espionage-motivated threat actor active since 2013 targeting a variety of organizations in response to political events in the Asia-Pacific region, with a focus on the South China Sea,” Proofpoint said.

“Target organizations include defense contractors, manufacturers, universities, government agencies, law firms involved in diplomatic disputes, and foreign companies involved in Australasian politics or operations in the South China Sea.”

Between April and June, the cyber hackers targeted local and federal government agencies under the guise of the Australian Morning News (pictured Chinese troop training in Russia).

Former Prime Minister Scott Morrison said in 2021 China was responsible for a series of attacks that were later condemned in a joint statement coordinated with the US, Britain, the European Union, New Zealand, Canada and NATO.

Communist Party officials were outraged when Mr Morrison’s government called for an independent inquiry into the origins of the coronavirus pandemic in April 2020.

Demands for transparency were met with a series of arbitrary bans and tariffs on key Australian exports, including barley, wine, beef, cotton, seafood, coal and timber.

Intelligence officials also attributed last year’s major cyberattack on Australia’s parliament to Beijing’s campaign to intimidate or bully Australia over trade tensions.

https://www.dailymail.co.uk/news/article-11160623/Chinese-cyber-spies-infiltrate-Australia-fake-news-site-Australian-Morning-News-Red-Ladon.html?ns_mchannel=rss&ns_campaign=1490&ito=1490

Bradford Betz
