China-Linked Hackers Hit Qatar with Backdoor Disguised as War News

Check Point Research reveals that China-linked hackers, including the Camaro Dragon group, are targeting Qatar with malware disguised as Middle East conflict news. Using tools like PlugX and Cobalt Strike, these attackers are turning their focus toward the Gulf’s energy industry and military targets amid rising regional tensions.

Recent shifts in Middle Eastern politics have triggered a sudden wave of online interference. Groups linked to China have launched cyberattacks directed at Qatar, timed to coincide with a major spike in regional conflict. These actors began their operations on 1 March 2026, just one day after the launch of Operation Epic Fury. It shows just how quickly these groups can turn breaking news into a weapon to trick their targets.

Deceptive Tactics and Fake News Lures

According to Check Point Research, which detected and reported this spike, these hackers are using the chaos of the conflict to make their lures ...