China-linked Twisted Panda caught spying on Russian defense R&D

Chinese cyberspies targeted two Russian defense institutes and possibly another research facility in Belarus, according to Check Point Research. The new campaign, dubbed Twisted Panda, is part of a larger, state-sponsored espionage operation that has been ongoing for several months, if not nearly a year, according to the …

  1. Will Godfrey Silver badge

    Am I surprised?

    Is the pope a Catholic? etc.

    1. veti Silver badge

      Re: Am I surprised?

      Quite. Of course China is trying to steal those sorts of secrets. So too, I hope, are America and Britain and France and Germany and Israel, among others. If anyone were to tell me definitively that any of these countries doesn't have an active espionage programme aimed at these institutions, I would be very disappointed in them.

      1. Yet Another Anonymous coward Silver badge

        Re: Am I surprised?

        Spying on your enemy's military? That shows just how backward China is - you spy on your allies, that's politics that is.

    2. EricM

      I am ...

      Thought the Chinese would concentrate this kind of activity on more valuable targets ...

  2. Throatwarbler Mangrove Silver badge

    In before . . .

    . . . a certain someone accuses Check Point of being an American sock puppet and whatabouting this research.

    1. Anonymous Coward

      Re: In before . . .

      They are probably too busy adding another 30 posts complaining about the duplicated effort of multiple Linux distros, to sow the disinformation they are being paid for.

  3. mark l 2 Silver badge

    It still baffles me that downloading a 'document' can own your computer in 2022. It's about time we went back to basic word processors and spreadsheets without the ability to run any code inside documents.

    1. david 12 Silver badge

      "back to" ????

      vi and vim both had the ability to run macros. It's been a characteristic of basic word processors from the earliest days of computing.

      1. Paul Crawford Silver badge

        Yes, but they did not run what was inside the document.

    2. veti Silver badge

      People have been saying that for as long as I've been active on the Internet, which is to say about 30 years now. It's the tech equivalent of "why can't we all just get along?"

      1. EricM

        Right. And both are definitely true.

        If only humans were an intelligent species ...

        1. veti Silver badge

          People keep getting born. That's where the trouble starts.

          They grow up, and want to move out of their parents' home. But where to move to? Gone are the days (if ever) when they could just wander into the woods, or the wilderness, and build a cabin for themselves. All the land is already owned by someone. Mostly, by very rich (and therefore influential) people.

          So they either have to pay whatever the asking price is for land this week, or resort to shenanigans. Option 1, which you'll note is only available to people who have quite a lot of resources to start with, helps to make the rich richer and keeps the poor in their place.

          Option 2 is the beginning of "not getting along". (Although of course you can also use shenanigans to make yourself richer and then buy the land fair and square, thus combining both options. That's also "not getting along".)

          Every war ever is ultimately about "who gets to live where". Putin, for instance, thinks that Ukraine should be populated by people who think of themselves as Russians, loyal to Mother Russia, and to that end he's trying to scatter people who think of themselves as "Ukrainian" to far-flung parts of Russia. (Or Europe, that works too, so long as they don't go back.)

          Why is all this relevant to the GGP post? Because "Why can't we all just get along?" is hopelessly naive. It's something that can only be said with a straight face by a very young person who not only knows nothing about history or politics or demography or social sciences in general, but is also largely unaware that there is anything to know about these subjects. And so is the GGP sentiment: anyone who's spent more than about two minutes thinking about the subject already knows that it's not going to happen, and why. It falls under the heading of "aww, that's sweet" if the speaker is a teenager or younger, otherwise it's just irritating.

          1. Anonymous Coward

            Thanks Grandad, not sure why you felt it so necessary to write a screed ridiculing someone else for their hopes for a better world. Maybe it was your human nature and consequent desire for one-upmanship.

            You know - the root cause of why we can't all just get along...

          2. b0llchit Silver badge

            People keep getting born. That's where the trouble starts.

            Time for a post-natal abortion then.

          3. Grinning Bandicoot

            George Santayana

            One of the comments attached to Branagh's Henry V U-tube posting is a waif complaining of the war and death of the period. It appears to be one of those that don't follow history. (This class must be greater than believed so it must be a terrible shock to find REALITY.) Good spying will always resolve intentions and the capabilities attracted to those intentions.

            'specially about Christmas in New Jersey

    3. Plest Silver badge

      Well that's basically because once the cat was out of the bag you ain't getting it back in again! People love all the gizmos they get inside Word and Excel, and with almost every biz on the planet relying on Excel to run their finances (yeah, shake your head all like, you know it to be true!), if you killed the VB macros engine inside Excel sheets then the world will literally grind to a halt.

      Not saying I agree but I'm just saying that I'm a realist, we're stuck with it so just suck it up and keep your AV software updated!

    4. computing

      Or just run the doc attachment inside an ad hoc virtual machine. Spun up earlier and the file transferred to it right then, when the user double clicks the attachment.

  4. thames Silver badge


    How exactly does Check Point get access to sensitive Russian systems and communications in order to conduct this sort of analysis? I find "Chinese haxors pownd the Russians ha! ha!. Don't ask how we got copies of everything" to be vaguely unsatisfying.

    1. Paul Crawford Silver badge

      Re: How?

      You are Vladimir Putin and I claim my 5 roubles!

      1. b0llchit Silver badge

        Re: How?

        5 roubles... You can't even get a vodka for 8 cents (at current exchange rates)!

  5. Plest Silver badge

    "China isn't above spying..."

    Seriously? "spying" and "China" pretty much go together like peaches and cream! In fact I can imagine it's pretty much mandatory for China to be spying on all countries be they friendly or otherwise!

    1. Anonymous Coward

      Your media has successfully brainwashed you into thinking that China is bad for doing exactly what your country does.

      1. G28

        Splendid fellows

        It was specifically Blackadder that taught me that when we do it, it’s ok!

        Captain Darling:

        So you see, Blackadder, Field Marshal Haig is most anxious to eliminate all these German spies.

        General Melchett:

        Filthy hun weasels, fighting their dirty underhand war!

        Captain Darling:

        And fortunately, one of our spies...

        General Melchett:

        Splendid fellows, brave heroes risking life and limb for Blighty!

  6. Howard Sway Silver badge

    the actual running process is valid and signed by Microsoft

    This is the little detail that jumped out at me. It strongly suggests that if Microsoft will happily approve and sign state-run malware, then the "guarantee" offered by their code signing procedure is utterly worthless.

    1. RM Myers

      Re: the actual running process is valid and signed by Microsoft

      You might want to look up an explanation of "DLL sideloading" to get a better understanding of how the malware is executing.

  7. BOFH in Training Bronze badge

    Honour among thieves

    There is no honour among thieves I think.

    1. Anonymous Coward

      Re: Honour among thieves

      Only the good guys don't spy. Oh wait, everyone is thieving and deceiving.

      But it's sweet that you think you hold the moral high ground. Your media salutes you for toeing the line.

  8. TeeCee Gold badge

    Twisted Panda?

    Look, I know that there's every sort of pr0n going on teh internets, but that's a step too far...

  9. Jimmy2Cows Silver badge

    Unlimited relationship

    Hey Putin, how's your unlimited relationship with China working out? Feeling like Xi's bitch yet?

    1. Grinning Bandicoot

      Re: Unlimited relationship to what?

      Putin at the minimum will get back half of their old private lake if Odessa falls to the Soviets [sic]. A line drawn from the point of the Romanian border on the Black Sea to a corresponding point at the Georgia intersection will provide the rationale that makes the Barents Sea to be restricted waters. The next stunt would be to yell truce and demand a plebiscite with those actually in Ukraine and peace-loving not under arms residents. He cannot lose. The 'be-nicers' will agitate, those ducking fire will soon tire, and the rest are hostage. Cannot lose!

      China is doing a magician act dancing around Taiwan while was built Icebreakers and the PLAN is practicing operating in the Northern Pacific. I put the boundary of Chinese Siberia just about a line running North/South of Lake Baikal.

