A previously unknown Chinese hacking group known as ‘Space Pirates’ targets enterprises in the Russian aerospace industry with phishing emails to install novel malware on their systems. The threat group is believed to have started operating in 2017, and while it has links to known groups like APT41 (Winnti), Mustang Panda, and APT27, it is thought to be a new cluster of malicious activity. Russian threat analysts at Positive Technologies named the group “Space Pirates” due to their espionage operations focusing on stealing confidential information from companies in the aerospace field. In the wild detections The Space Pirates APT group...