Chinese APT group linked to cyber attack on U.S. defense firm

ReliaQuest has released a detailed account of a cyber intrusion targeting a U.S.-based defence technology company, with evidence pointing to the involvement of a Chinese advanced persistent threat (APT) group.

The incident, which occurred in February 2025, involved advanced methods to gain and maintain access to the targeted network, employing techniques designed to avoid detection and achieve the theft of sensitive intellectual property related to defence technologies.

ReliaQuest states that the attack “showcased advanced techniques and technical expertise, including re-compromising the network after being removed. The attackers exploited multiple vulnerabilities, leveraged stealthy evasion techniques, and maintained persistence through custom tools and web shells.”

Read more at Security Brief Asia