From Espionage to Extortion: Chinese Cyberspies Get a Payday Makeover

Chinese cyberspies moonlighting as ransomware bandits? It sounds like the plot of a spy-thriller. Symantec’s research reveals Mustang Panda, a Beijing-backed espionage group, is now demanding ransom while juggling state secrets. Who knew cyberespionage could come with a side hustle? Looks like even hackers need to pay the bills!

3P
Published: February 14, 2025 2:25 amAdded: February 13, 2025 at 6:51 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

In a plot twist worthy of a daytime soap opera, it seems some Chinese government-backed spies have decided to moonlight as ransomware extortionists. Maybe they’re just trying to make ends meet, or perhaps espionage is simply losing its thrill. Either way, this crossover episode is one for the cybersecurity history books. Get your popcorn, folks!

Key Points:

  • Chinese government-backed espionage group involved in a ransomware attack.
  • Attackers exploited a flaw in Palo Alto Networks software to breach a South Asian company.
  • RA World ransomware was used to demand a $2 million ransom.
  • Symantec identified the attackers as linked to Mustang Panda, a known Chinese espionage group.
  • Ransomware use by state-backed actors blurs the line between espionage and financial crime.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?