216.73.216.197

China-linked Actors Maintain Focus on Organizations Influencing U.S. Policy

· Published 07/11/2025 09:04 · Modified 07/11/2025 09:45

Export JSON

Essential information

Published
07/11/2025 09:04
Modified
07/11/2025 09:45
Tags
2025-11-07 CVE-2017-17562 CVE-2017-9805 CVE-2021-44228 CVE-2022-26134 apt41 china dcsync deed rat dll sideloading domain controllers espionage kelp persistence policy influence space pirates
Related entities
4 vulnerabilities (cve), 7 observables, 1 intrusion sets (apt), 1 techniques (mitre), 2 malware, 4 others

Description

Chinese threat actors continue to target U.S. organizations involved in policy issues. A recent intrusion into a non-profit organization active in influencing U.S. government policy on international matters occurred in April 2025. The attackers, likely Chinese-based, used various techniques to establish and maintain long-term network access. They employed , legitimate tools for malicious purposes, and attempted to compromise . The attack chain included mass scanning, network reconnaissance, and the use of tools previously linked to Chinese groups like , , and . This activity reflects 's ongoing interest in monitoring and influencing U.S. policy, particularly in the current geopolitical climate.