Poland Sees Rising Cybersecurity Risks Linked to China
Illustrative image on the topic of cyber attack

China is emerging as an increasingly significant threat to Poland’s cybersecurity, driven by a surge in cyberattacks targeting critical infrastructure and government institutions.

According to CyberDefence24, a recent report by CSIRT GOV highlights a notable increase in the activity of Chinese-linked hacker groups throughout 2024, including APT15 and UAC-0050 (DaVinci). These groups have been implicated in a series of cyber operations to compromise critical infrastructure, public sector entities, and private enterprises across the country.

It was determined that a server belonging to a Polish transport company established a connection with a system controlled by the APT15 threat group. This connection enabled the attackers to deploy PlugX malware, facilitating remote access and control over the targeted systems.

Using advanced techniques, the attackers injected a piece of malicious code that enabled remote control of the server, data exfiltration, and the compromise of administrative accounts.

The identified PlugX trojan is characteristic of attacks carried out by Chinese hacker groups.

Meanwhile, another group—UAC-0050 (DaVinci)—is conducting phishing campaigns by distributing emails with attachments that install remote access software.

These attacks are targeting the financial sector and aim to intimidate the public through false messages about explosions.

Illustrative image on the topic of hackers

During the vulnerability assessment process, it was discovered that hacker groups exploit weaknesses in TP-Link routers—commonly used in small office environments—to carry out password spraying attacks on services such as Microsoft 365.

Militarnyi previously reported that the Czech government had accused China of a cyberattack targeting the Ministry of Foreign Affairs, which had been ongoing since 2022.

The activity was uncovered as a result of an investigation. In light of information about the prolonged cyber campaign, Czech Foreign Minister Jan Lipavský summoned the Chinese ambassador.

Later, Minister Lipavský wrote on the social media platform X that he had summoned the Chinese ambassador to make it clear that “such hostile actions have serious consequences for bilateral relations.”

Share this post:

SUPPORT MILITARNYI

PrivatBank ( Bank card )
5169 3351 0164 7408
Bank Account in UAH (IBAN)
UA043052990000026007015028783
BTC
bc1qg0z99m95fte7kj8faa7h2kvnq92wvc53exe8gm
USDT
0x8676644fA7B6d328310283cAC1065Ae01d97CEe7
ETH
0xfD02863D3289416fcF50975c9DFda13623f97758
Popular
Button Text