Chinese Hackers Target EU Governments Using Discord, Microsoft Tools

An advanced persistent threat group linked to China has conducted cyberattacks against European government agencies using legitimate platforms like Discord and Microsoft Graph APIs as command-and-control channels. The attackers employed SOCKS proxies including SoftEther VPN to mask their activities and establish secure tunneling between compromised systems and attacker infrastructure. This sophisticated approach allowed the group to evade detection by blending malicious traffic with normal communications. Security researchers identified this campaign as part of a broader espionage operation targeting sensitive government networks across the EU region. Source: Cybersecurity publication.