Scworld
China-linked Cyber Campaign Targets Southeast Asian Government
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
In 2025, multiple China-linked threat groups executed a sophisticated cyber campaign against a Southeast Asian government, utilizing various malware families to achieve persistent access and exfiltrate sensitive data. The operation involved three distinct clusters: Mustang Panda, CL-STA-1048, and CL-STA-1049, each employing advanced techniques and a range of malware including HIUPAN, PUBLOAD, and FluffyGh0st. Mustang Panda notably used the USBFect worm for propagation via infected USB drives, facilitating lateral movement and data theft. The campaign spanned from March to September 2025, indicating a well-coordinated effort with significant resources. The impact of the attack remains under assessment, but the sophisticated nature of the operation suggests a serious breach of security for the affected government.
Key Points: • China-linked groups executed a complex cyber campaign against a Southeast Asian government in 2025. • The operation involved three clusters and multiple malware families, including PUBLOAD and FluffyGh0st. • Mustang Panda utilized the USBFect worm for malware propagation and data exfiltration.