Welivesecurity
China-aligned APT Groups Target Global Maritime and Tech Sectors Amid Geopolitical Tensions
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
ESET's latest APT Activity Report reveals that from October 2025 to March 2026, China-aligned threat actors engaged in extensive espionage campaigns, particularly in Venezuela and the Gulf region. Following U.S. military operations, groups like FamousSparrow targeted Venezuelan maritime entities to monitor oil shipment resilience. Additionally, UNC5221's SPAWN malware was noted targeting governmental systems in Cambodia and Panama, as well as an AI and robotics firm in South Korea, aligning with China's strategic technology interests. Concurrently, North Korea-aligned groups like Andariel attacked the nuclear power sector, while Iran-aligned activities fluctuated due to internet restrictions amid ongoing conflict. ESET documented new clusters of activity against Israeli targets, indicating a rise in espionage and destructive capabilities. The report emphasizes the evolving nature of state-sponsored cyber threats in response to geopolitical developments.
Key Points: • China-aligned APT groups targeted maritime and tech sectors in response to geopolitical events. • FamousSparrow and UNC5221 were involved in espionage campaigns against Venezuela and South Korea. • Iran-aligned activities decreased due to internet restrictions amid the ongoing war in Iran.