Targeting of Tibetans living abroad

Date of report

June 2022

Affiliations

Lucky Cat

A Chinese threat actor was found using a zero-day vulnerability, dubbed Follina, in Microsoft Office products to distribute zero-click malware. The attackers used Follina to target Tibetan organizations and Tibetans living abroad with malware.

Suspected victims

Tibetan organizations and Tibetans living abroad

Suspected state sponsor

China

Type of incident

Espionage

Target category

Civil society

Victim government reaction

Unknown

Windows MSDT zero-day now exploited by Chinese APT hackers
China-backed hackers are exploiting unpatched Microsoft zero-day

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events