Google Threat Intelligence Group uncovered UNC6508, a previously unknown China-linked espionage group that infiltrated U.S. and Canadian organizations for years to steal sensitive data from medical, academic, military, and policy targets. The group used the INFINITERED backdoor, abused REDCap servers and domain compliance rules, and remained undetected in some cases from September 2023 until late 2025. #UNC6508 #INFINITERED #REDCap
Key points
- Google discovered the China-sponsored espionage group UNC6508.
- The campaign targeted organizations in the United States and Canada.
- UNC6508 used the INFINITERED backdoor to steal administrative credentials.
- The group exploited externally facing REDCap servers and remained hidden for years.
- Google disrupted infrastructure and notified affected organizations.
Read More: https://cyberscoop.com/google-unc6508-china-espionage-threat/