Scworld
Chinese Phishing Campaigns Target Journalists and Activists
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Recent reports reveal two coordinated phishing campaigns, GLITTER CARP and SEQUIN CARP, targeting journalists and activists linked to the International Consortium of Investigative Journalists (ICIJ) and other critical voices against the Chinese government. These operations, attributed to state-backed actors, involve impersonation tactics to steal sensitive information from individuals, including Uyghur, Tibetan, and Taiwanese activists. The campaigns have been linked to over 100 fraudulent domains aimed at credential theft and surveillance. Notable incidents include a fake email sent to Taiwanese journalist Kuochun Hung, impersonating a respected colleague, and attempts to contact Uyghur activist Mehmet Tohti through WhatsApp. The ICIJ's collaboration with Citizen Lab has highlighted the growing sophistication of these attacks, which are seen as part of China's broader strategy of digital transnational repression. The ongoing nature of these operations indicates a significant threat to targeted individuals and organizations.
Key Points: • Chinese state-backed actors are conducting sophisticated phishing campaigns against journalists. • The GLITTER CARP and SEQUIN CARP operations use impersonation to steal sensitive information. • Over 100 fraudulent domains have been identified, indicating a large-scale effort to surveil dissidents.