www.darkreading.com 7/1/2026, 1:31:47 AM · external

China linked hackers deploy TinyRCT against SE Asia critical infra

China linked hackers deploy TinyRCT against SE Asia critical infra
Developing story campaign 4 articles tracked
Chinese APT CL-STA-1062 uses TinyRCT backdoor on Southeast Asian energy targets
CyberSIXT Evidence Panel
Threat Actor
CL-STA-1062

A China-linked cyber threat group, identified as CL-STA-1062, has shifted its focus from attacking web-hosting infrastructure in Taiwan to compromising critical infrastructure in Southeast Asia, including electricity, water, and government organizations. Researchers from Palo Alto Networks report that the group has deployed a new backdoor tool called TinyRCT, which is small, stealthy, and designed to evade detection.

The group's activities highlight a significant escalation in cyberattacks from China, aimed at establishing long-term compromises within critical systems in the region. While they have been successful in some attacks, indications suggest that their frequency may be declining as they may have refined their concealment methods. The full extent of the group's capabilities and intentions remains under investigation.

View Primary Source Via www.darkreading.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline