If you thought your inbox was messy, imagine what it’s like for foreign ministers, except someone may actually be reading theirs. A mysterious hacker group, now called ‘Phantom Taurus,’ has been caught sneaking into email servers of diplomats and ministries around the world in a years-long espionage operation. A three-year digital spy operation Cybersecurity experts from Palo Alto Networks’ Unit 42 revealed that the group has been secretly breaking into Microsoft Exchange servers for almost three years. Once inside, they hunted for high-level diplomatic conversations and sensitive government files. The findings, first reported by Bloomberg, point to espionage attempts closely tied to China’s political and economic agenda. Diplomacy in the crosshairs Investigators say the hackers weren’t just looking for random data. They searched specifically for keywords linked to major global events, such as the 2022 China-Arab Summit in Riyadh. They even combed through files mentioning Chinese President Xi Jinping and First Lady Peng Liyuan in relation to the event. Lior Rochberger, senior researcher at Unit 42 said: When I found them searching for specific diplomatic keywords and then exfiltrating emails from embassies and military operations, I realised this was a serious intelligence collection effort. Beijing pushes back The Chinese Embassy in Washington has dismissed the allegations. Its spokesperson, Liu Pengyu, argued that cyberattacks cannot easily be pinned to one country: “Cyberspace is highly virtual, difficult to trace, and involves a diverse range of actors. Tracing the source of cyberattacks is a complex technical issue that requires solid and full evidence.” Not just one attack, a pattern This isn’t the first time China-linked hackers have been accused of targeting governments and companies.
Earlier this month, Google said a Chinese group had broken into U.S. tech firms. In another case, hackers impersonated a senior U.S. lawmaker to extract details about trade talks. According to Assaf Dahan, director of threat intelligence at Unit 42, many of these breaches share one thing in common: A tight correlation to specific geopolitical events or military manoeuvres. Why it matters Phantom Taurus’ operations often line up with China’s strategic interests, especially in regions like the Middle East, Afghanistan, and Pakistan. Security experts warn that such campaigns show how the line between diplomacy and digital warfare is vanishing fast.
The post Telecom firms in the Middle East, Asia face cyberattacks:Chinese hacker group ‘Phantom Taurus ‘ spies on government officials through email attacks appeared first on Tri-Cities India.
