Check Point Research has identified an ongoing cyber espionage campaign by the Chinese threat actor Sharp Dragon (formerly Sharp Panda). The campaign now targets governmental organisations in Africa and the Caribbean, using highly tailored phishing emails and advanced tools like Cobalt Strike Beacon, which replace the group's previous custom malware. This reflects a previously reported trend for cybercriminals to target less cyber-mature countries before executing attacks against the West.
Sharp Dragon exploits 1-day vulnerabilities and compromised servers for Command and Control (C2) operations, demonstrating refined tactics and increased operational security. By leveraging trusted government entities to infect new targets, the group enhances its infiltration capabilities. This strategic shift underscores a broader effort by Chinese cyber actors to extend their influence in historically overlooked regions.
- THE EDITORIAL TEAM