A Chinese-linked hacking group secretly stole data from academic, medical and military research institutions in the U.S. and Canada for more than a year before being discovered, according to a report published by Google on Monday.
The campaign, which ran between September 2023 and November 2025, targeted information related to defence intelligence, Indo-Pacific military strategy, artificial intelligence, unmanned systems, cyber warfare programmes and medical research, according to researchers at Google's Threat Intelligence Group.
Google did not identify the affected organisations but said they collectively employ thousands of people and manage research budgets worth billions of dollars.
The targeted institutions worked across a wide range of fields, including drug discovery, clinical trials, public health policy and military readiness.
Google attributed the operation to a relatively new cyber-espionage group it tracks as UNC6508.
Luke McNamara, deputy chief analyst at Google's Threat Intelligence Group, said the group's tactics were broadly consistent with long-standing Chinese cyber-espionage activities focused on gathering information of interest to the Chinese government.
The Embassy of the People's Republic of China in the U.S. did not immediately respond to requests for comment. Beijing has repeatedly denied carrying out or supporting illegal hacking operations.
According to Google's report, the earliest known activity linked to the campaign dates back to September 2023, when hackers exploited vulnerabilities in servers running REDCap, a web application widely used by universities, hospitals and non-profit organisations to manage surveys and databases.
The attackers used custom-made malware to steal legitimate REDCap login credentials and gain access to targeted networks.
Once inside, they created an automated system that forwarded emails containing nearly 150 selected keywords and search terms to a Gmail account under their control.
REDCap did not immediately respond to requests for comment.
The list of keywords included phone numbers and email addresses associated with targeted organisations, as well as terms linked to geopolitical policy, military strategy, advanced technologies and medical research.
The operation's focus on sensitive strategic sectors suggests an effort to gather intelligence spanning both national security and scientific innovation.
Google said it eventually identified multiple compromised institutions across the U.S. and Canada and notified each of the affected organisations.
The findings highlight the continued threat posed by state-linked cyber-espionage campaigns targeting research institutions, particularly those working on advanced technologies and defence-related projects that are increasingly viewed as critical to national security.
In an historic milestone for South Caucasus diplomacy, Hikmat Hajiyev, Assistant to the President of the Republic of Azerbaijan, conducted his first w...
U.S. President Donald Trump said a preliminary agreement to end the war in the Gulf has been signed by the U.S. and Iran, though details have yet to b...
A U.S. Air Force B-52 Stratofortress bomber crashed on takeoff on Monday at Edwards Air Force Base in Southern California's Mojave Desert, bursting in...
Iran has said that reaching an agreement with the U.S. to end the war does not mean Tehran will overlook what it describes as war crimes committed aga...
The United Nations Security Council unanimously extended the United Nations Assistance Mission in Afghanistan (UNAMA) until 17 June 2027 in New York o...
In an historic milestone for South Caucasus diplomacy, Hikmat Hajiyev, Assistant to the President of the Republic of Azerbaijan, conducted his first working visit to Armenia on 14 June for a high-level meeting with Armen Grigoryan, Secretary of the Security Council of the Republic of Armenia.
The United Nations Security Council unanimously extended the United Nations Assistance Mission in Afghanistan (UNAMA) until 17 June 2027 in New York on Monday, preserving its humanitarian, rights and political work.
The first day of the Group of Seven (G7) summit in Évian-les-Bains, France, was dominated by discussions on the Middle East, Ukraine and the global economy, as leaders grappled with multiple crises that have reshaped the international landscape.
The FIFA World Cup 2026 produced drama and surprises on 14-15 June, with Iran fighting back to draw 2-2 with New Zealand, Ivory Coast scoring a stoppage-time winner over Ecuador, Sweden thrashing Tunisia 5-1, and debutants Cape Verde holding Spain to a goalless draw.
Details of a reported draft memorandum of understanding between the United States and Iran offer the clearest picture yet of how both sides plan to end months of conflict and move towards a longer-term settlement.
The U.S. and Iran say they have reached a deal to end their conflict, with an immediate ceasefire and reopening of the Strait of Hormuz after the lifting of the U.S. naval blockade. Talks will continue over the next 60 days to finalise the agreement
A senior U.S. official said on Monday that the memorandum of understanding linked to the U.S.-Iran agreement had been signed by President Donald Trump, Vice President JD Vance and Iranian Parliament Speaker Mohammad Bagher Qalibaf.
Israeli Prime Minister Benjamin Netanyahu has told U.S. President Donald Trump that Israel does not consider itself bound by a Lebanon-related provision in an emerging agreement with Iran, according to Israeli officials.
Switzerland on Sunday rejected a referendum proposal to cap its population at 10 million, a projection showed, as voters prioritised economic stability and the country's ties with the European Union over immigration concerns.
A U.S. Air Force B-52 Stratofortress bomber crashed on takeoff on Monday at Edwards Air Force Base in Southern California's Mojave Desert, bursting into flames and killing all eight crew members aboard, Air Force officials said.
Firefighters and workers were clearing debris on Monday after what Ukraine described as a deliberate Russian strike severely damaged a nearly 1,000-year-old cathedral in Kyiv, one of the country's most important religious and cultural landmarks.
One month after Ebola cases were confirmed in eastern Democratic Republic of the Congo, health officials and aid organisations say the true extent of the outbreak remains unclear because of major gaps in testing, reporting and disease surveillance.
The first day of the Group of Seven (G7) summit in Évian-les-Bains, France, was dominated by discussions on the Middle East, Ukraine and the global economy, as leaders grappled with multiple crises that have reshaped the international landscape.
Pakistan's political leadership on Monday welcomed a breakthrough agreement between the U.S. and Iran aimed at ending more than three months of conflict, with Prime Minister Shehbaz Sharif describing it as a major diplomatic success and a victory for peace.
You can download the AnewZ application from Play Store and the App Store.
What is your opinion on this topic?
Leave the first comment