The hackers, who targeted the Vatican and appear to have suspected links to the Chinese government, were not intimidated by the public revelation and continued their activities normally, Recorded Future reported in a report released on Tuesday.
Recorded researchers first reported in July the group's goals were the Vatican and the Catholic Church Diocese of Hong Kong. The group stopped for a while activity her, trying to avoid him detection. But within two weeks, the hackers, known as RedDelta, had resumed their activities in order to penetrate the mail servers of the Vatican and the Hong Kong Catholic Church, the researchers said.
"This is indicative of the RedDelta team's persistence," the researchers wrote in a blog post.
China has long shown interest in its religious groups area, and especially for Catholics, especially since the Vatican severed diplomatic relations with China in 1951. But in recent months Beijing seems to have turned his attention to Hong Kong Christians as he wants to gather more information about pro-democracy demonstrations in Hong Kong.
The operation is believed to have been aimed at gathering information from the Vatican about an agreement to be reached with China on businesses of the Catholic Church in China. These discussions took place earlier this month. Beijing announced last week that both sides have reached an agreement with them researchers state that "hacker tasks may have been accomplished or may no longer be required".
The malicious activity stopped earlier this month, reports Recorded Future.
Hackers use a variant of PlugX called "RedDelta PlugX", a remote access trojan and malicious .zip files to try to compromise targets, the researchers reported. The e-mails used by the hackers as a temptation mentioned issues related to Catholicism in China, Tibetan-Ladak relations and the Security Council of the General Assembly of the United States.
The intruders are believed to be linked to the Mustang Panda group, whose hackers are based in China and are known to use PlugX. The group targets non-governmental organizations Organisations, according to CrowdStrike, another security company. They have also shown interest in the collection information on entities in Mongolia.
In recent days, suspected Chinese government-linked hackers have set other targets that may be related to Beijing's strategic interests in the region and have begun targeting entities in Hong Kong, according to Recorded Future, which did not provide further details. the new goals. Hackers are also targeting government entities in India amid a long-running conflict between China and India.