Chinese State-Linked Hackers Target Tibetan Websites in Malware Attack

 Chinese state-sponsored hacking group, identified as TAG-112, has allegedly compromised two Tibetan community websites to infect visitors’ computers with malware, according to cybersecurity firm Insikt Group. The targeted sites, Tibet Post and Gyudmed Tantric University, were altered to prompt users to download a malicious file disguised as a security certificate. Opening the file installs Cobalt Strike Beacon malware, enabling espionage activities like keylogging and data collection. The attackers reportedly align with previous Chinese cyber groups targeting Tibetan and other dissident communities. China denies state-sponsored hacking and maintains it opposes cyberattacks.