Here is more from MIT Technology Review:
A hacking group linked to China has spent the last three years targeting human rights organizations, think tanks, news media, and agencies of multiple foreign governments, according to a revealing new report from the cybersecurity firm Recorded Future.
The report, shared exclusively with MIT Technology Review, offers new clues about how private contractors and front companies operating with relatively few resources can run long-standing hacking operations and succeed against high-value targets with crude but effective tactics.
The hackers, known as RedAlpha, have taken aim at organizations including Amnesty International, the International Federation for Human Rights, Radio Free Asia, the Mercator Institute for China Studies, and other think tanks and government and humanitarian groups around the world. The hackers’ impact remains unclear, but judging from the sheer length of the campaign, analysts expect that the digital espionage has, broadly speaking, seen success.
The report notes that RedAlpha has regularly registered domain names imitating think tanks such as MERICS as well as multiple Taiwanese think tanks. "Of particular note, the registration of at least 16 domains spoofing MERICS from early to mid-2021 coincided with the Chinese Ministry of Foreign Affairs (MOFA) imposing sanctions on the Berlin-based think tank in March 2021," it says.
RedAlpha is one of the numerous hacking groups that has been targeting think tanks for years.