Chinese Threat Actors Shift to Live Credential Interception in Phishing Campaigns

Chinese threat actors have shifted from using static phishing pages to live credential interception techniques in recent phishing campaigns. The targets are almost exclusively non-Chinese organizations, indicating a deliberate avoidance of domestic entities. No specific threat actor groups, technical indicators, or dates were disclosed in the report. The method involves real-time interception of credentials rather than storing them on static pages. The impact includes heightened risks of credential theft and unauthorized access to corporate systems.