APT31 Linked to Czech Government Cyberattack
The Czech Republic has formally accused China-linked advanced persistent threat group APT31 of conducting a cyberattack against its Ministry of Foreign Affairs, targeting an unclassified network designated as critical infrastructure. The malicious activity dates back to 2022. APT31 is a state-sponsored group associated with China’s Ministry of State Security and is believed to overlap with threat clusters like Bronze Vinewood and Violet Typhoon.
APT31 has a history of using public file-sharing services to mask command-and-control traffic and is known for targeting organizations tied to government and defense supply chains. This latest attribution follows prior incidents involving APT31, including U.S. indictments of seven of its operatives in 2024 and Finland’s 2020 Parliament breach. The threat group reportedly deployed a NanoSlate espionage backdoor against a Central European government in late 2024, though it’s unclear if this is related to the Czech Republic breach.
Czech officials condemned the attack, calling it a breach of responsible state behavior in cyberspace and a violation of international norms. The government urged China to adhere to agreed-upon rules under the United Nations framework and to cease cyber espionage campaigns that undermine diplomatic trust and global cybersecurity.
Lakshmanan, Ravie. 2025. “Czech Republic Blames China-Linked APT31 Hackers for 2022 Cyberattack.” The Hacker News. May 28.
READ: https://bit.ly/43x5yb4