Asian Cyberspy Group Infiltrates Government Systems Across 37 Countries

"Shadow Campaign": Chinese hackers compromise 70 organizations in 37 countries, posing a serious threat to national security.

By Content Team

Feb 9, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

A state-sponsored hacking group, likely from China, has compromised at least 70 organizations across 37 countries in what Palo Alto Networks calls the "Shadow Campaign." The cyberspies targeted government agencies, including parliaments, law enforcement, border control, and national telecommunications companies in 155 countries.

The group, tracked as TGR-STA-1030, has been active since at least January 2024 and operates in the GMT+8 timezone. They use sophisticated email phishing to install malware and deploy "ShadowGuard," a previously unknown Linux rootkit that helps them stay hidden.

Targets include finance ministries, counter-terrorism organizations, and a senior elected official. Palo Alto warns the campaign poses serious long-term risks to national security and critical services.

Source: Security Week

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Microsoft Patches Entra Role Flaw That Let Hackers Hijack Service Principals

Apr 26, 2026

Massive Healthcare Cyberattack Paralyzes Medical Billing Across America

Mar 6, 2026

Medical Giant Stryker Hit by Cyberattack Linked to Iranian Group

Mar 12, 2026

Hackers Actively Probing Citrix NetScaler Systems Before Major Attack Wave

Mar 30, 2026