Share this article on:
A Chinese state-backed hacking group was responsible for a recently acknowledged attack on a Belgian MP, according to the Belgian cyber watchdog.
The Centre for Cyber Security Belgium (CCB) revealed last month that in January 2021, Belgian MP Samuel Cogolati was the target of a spear phishing attack. The attack followed Cogolati writing a resolution on the “crimes against humanity” faced by Uyghur Muslims in China.
The CCB wrote in a letter that it had learned that the hacking group “APT31”, which is backed by the Chinese government, was likely behind the attack. While the cyber body has tied the hacking group to the incident, it has said that it cannot confirm for certain that it was responsible for the attack.
“We have reasons to believe that this series of emails came from APT31, a threat actor associated with China and who has shown interest in people who have criticised the actions of the Chinese Communist Party,” said the CCB.
APT31 is known for adding tracking pixels to images attached to emails, which collects data and sends it back to the sender. While this is typically a technique used by marketers, hackers use that data to personalise emails to victims, which then contain malicious attachments and links that they are more likely to open.
The spear phishing attack occurred when Cogolati received an email from hackers posing as a fake news organisation, which claimed to have information on the human rights violations, while he was drafting the resolution.
China has responded to the accusations, saying that it does “not encourage, support or connive at cyber attacks”.
“We reject the Belgian side’s irresponsible assertion,” it said.
European cyber bodies had previously been hesitant to call out China for its cyber attacks, due to it being such a major economic power. Now, however, as attacks increase in frequency and frustration increases, that reluctance is evaporating.
Cogolati has said that following the incident, he has set his targets on Chinese hacking groups and hopes to “shed full light on the extent of China’s cyber attacks against [his] country”.