threatintel
actor tracker
APT31
Reportseverity: High2020-09-10

Microsoft discloses Zirconium (APT31) targeting of 2020 US presidential campaign and international affairs community

published by Microsoft
Actor
APT31CN · ChinaAPT

PRC state-sponsored intrusion set publicly attributed to the Ministry of State Security's Hubei State Security Department, operating through the front company Wuhan Xiaoruizhi Science and Technology…

Summary

Microsoft's Customer Security & Trust team reported that Zirconium — the Microsoft alias for APT31 — had launched thousands of attacks between March and September 2020, resulting in nearly 150 compromises. The China-based group indirectly targeted the Joe Biden for President campaign via non-campaign email accounts of affiliated individuals, as well as academics at more than 15 universities and 18 international affairs organizations including the Atlantic Council and Stimson Center, using web-beacon reconnaissance tied to attacker-controlled domains.

Tags

reportelection-securityzirconiummicrosoft

Primary source

blogs.microsoft.com

Other APT31 events