{"id":1015,"date":"2023-07-04T12:03:40","date_gmt":"2023-07-04T12:03:40","guid":{"rendered":"https:\/\/www.tsfactory.com\/forums\/?p=1015"},"modified":"2023-07-04T12:03:40","modified_gmt":"2023-07-04T12:03:40","slug":"chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx","status":"publish","type":"post","link":"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/","title":{"rendered":"Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX"},"content":{"rendered":"<p>A Chinese nation-state group has been observed targeting Foreign Affairs ministries and embassies in Europe using HTML smuggling techniques to deliver the PlugX remote access trojan on compromised systems.<\/p>\n<p>Cybersecurity firm Check Point said the activity, dubbed SmugX, has been ongoing since at least December 2022, adding it&#8217;s part of a broader trend of Chinese adversaries shifting their focus to Europe.<\/p>\n<p>&#8220;The campaign uses new delivery methods to deploy (most notably \u2013 HTML Smuggling) a new variant of PlugX, an implant commonly associated with a wide variety of Chinese threat actors,&#8221; Check Point said.<\/p>\n<p>&#8220;Although the payload itself remains similar to the one found in older PlugX variants, its delivery methods result in low detection rates, which until recently helped the campaign fly under the radar.&#8221;<\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2023\/07\/chinese-hackers-use-html-smuggling-to.html\">Read the Full Story Here<\/a><\/p>\n<p>Source: The Hacker News<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A Chinese nation-state group has been observed targeting Foreign Affairs ministries and embassies in Europe using HTML smuggling techniques to deliver the PlugX remote access trojan on compromised systems. Cybersecurity firm Check Point said the activity, dubbed SmugX, has been ongoing since at least December 2022, adding it&#8217;s part of a broader trend of Chinese [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":1016,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-1015","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX - Community<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX - Community\" \/>\n<meta property=\"og:description\" content=\"A Chinese nation-state group has been observed targeting Foreign Affairs ministries and embassies in Europe using HTML smuggling techniques to deliver the PlugX remote access trojan on compromised systems. Cybersecurity firm Check Point said the activity, dubbed SmugX, has been ongoing since at least December 2022, adding it&#8217;s part of a broader trend of Chinese [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/\" \/>\n<meta property=\"og:site_name\" content=\"Community\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/TSFactoryLLC\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-07-04T12:03:40+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2023\/07\/pexels-viktorya-sergeeva-\ud83e\udec2-15871440.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"2276\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Chelsie Wyatt\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@TSFactoryLLC\" \/>\n<meta name=\"twitter:site\" content=\"@TSFactoryLLC\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Chelsie Wyatt\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/\",\"name\":\"Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX - Community\",\"isPartOf\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2023\/07\/pexels-viktorya-sergeeva-\ud83e\udec2-15871440.jpg\",\"datePublished\":\"2023-07-04T12:03:40+00:00\",\"author\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/#primaryimage\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2023\/07\/pexels-viktorya-sergeeva-\ud83e\udec2-15871440.jpg\",\"contentUrl\":\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2023\/07\/pexels-viktorya-sergeeva-\ud83e\udec2-15871440.jpg\",\"width\":1280,\"height\":2276},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.tsfactory.com\/forums\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#website\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/\",\"name\":\"Community\",\"description\":\"TSFactory\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.tsfactory.com\/forums\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f\",\"name\":\"Chelsie Wyatt\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g\",\"caption\":\"Chelsie Wyatt\"},\"url\":\"https:\/\/www.tsfactory.com\/forums\/blog\/author\/chelsie\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX - Community","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/","og_locale":"en_US","og_type":"article","og_title":"Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX - Community","og_description":"A Chinese nation-state group has been observed targeting Foreign Affairs ministries and embassies in Europe using HTML smuggling techniques to deliver the PlugX remote access trojan on compromised systems. Cybersecurity firm Check Point said the activity, dubbed SmugX, has been ongoing since at least December 2022, adding it&#8217;s part of a broader trend of Chinese [&hellip;]","og_url":"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/","og_site_name":"Community","article_publisher":"https:\/\/www.facebook.com\/TSFactoryLLC\/","article_published_time":"2023-07-04T12:03:40+00:00","og_image":[{"width":1280,"height":2276,"url":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2023\/07\/pexels-viktorya-sergeeva-\ud83e\udec2-15871440.jpg","type":"image\/jpeg"}],"author":"Chelsie Wyatt","twitter_card":"summary_large_image","twitter_creator":"@TSFactoryLLC","twitter_site":"@TSFactoryLLC","twitter_misc":{"Written by":"Chelsie Wyatt","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/","url":"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/","name":"Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX - Community","isPartOf":{"@id":"https:\/\/www.tsfactory.com\/forums\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/#primaryimage"},"image":{"@id":"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/#primaryimage"},"thumbnailUrl":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2023\/07\/pexels-viktorya-sergeeva-\ud83e\udec2-15871440.jpg","datePublished":"2023-07-04T12:03:40+00:00","author":{"@id":"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f"},"breadcrumb":{"@id":"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/#primaryimage","url":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2023\/07\/pexels-viktorya-sergeeva-\ud83e\udec2-15871440.jpg","contentUrl":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2023\/07\/pexels-viktorya-sergeeva-\ud83e\udec2-15871440.jpg","width":1280,"height":2276},{"@type":"BreadcrumbList","@id":"https:\/\/www.tsfactory.com\/forums\/blog\/chinese-hackers-use-html-smuggling-to-infiltrate-european-ministries-with-plugx\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.tsfactory.com\/forums\/"},{"@type":"ListItem","position":2,"name":"Chinese Hackers Use HTML Smuggling to Infiltrate European Ministries with PlugX"}]},{"@type":"WebSite","@id":"https:\/\/www.tsfactory.com\/forums\/#website","url":"https:\/\/www.tsfactory.com\/forums\/","name":"Community","description":"TSFactory","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.tsfactory.com\/forums\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f","name":"Chelsie Wyatt","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g","caption":"Chelsie Wyatt"},"url":"https:\/\/www.tsfactory.com\/forums\/blog\/author\/chelsie\/"}]}},"_links":{"self":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1015","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/comments?post=1015"}],"version-history":[{"count":1,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1015\/revisions"}],"predecessor-version":[{"id":1017,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1015\/revisions\/1017"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/media\/1016"}],"wp:attachment":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/media?parent=1015"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/categories?post=1015"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/tags?post=1015"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}