The state-backed Chinese hacker group APT31 has used routers belonging to Swedish citizens as part of cyberattacks against a range of countries, Säpo (Swedish Security Service) revealed.

According to Säpo's press spokesperson Fredrik Hultgren-Friberg, APT31 conducted extensive cyberattacks during 2020 and 2021 against several countries in Europe.

“These attacks were carried out, among other things, from hacked routers belonging to private individuals in Sweden,” Fredrik Hultgren-Friberg told SVT News. He noted that the routers were used to build up an infrastructure network used for their cyber operations.

In Europe, members of the International Alliance Inter-parliamentary Alliance on China (IPAC) have been targeted. IPAC gathers politicians working on how democratic countries should respond to China. Among the members are Swedish politicians Elisabet Lann (Christian Democrats), municipal councilor in the city of Gothenburg, and Member of Parliament Joar Forssell (Liberal Party).

Last month, the US authorities charged seven alleged members of APT31 (aka Zirconium and Judgment Panda) for their involvement in a long-standing cyber espionage campaign targeting individuals and entities both within and outside the United States.

Since at least 2010, the defendants and their associates have targeted a wide range of individuals and organizations, including political dissidents, government officials, political candidates, campaign personnel, and American companies. Their tactics involved sophisticated hacking techniques, including zero-day exploits, which allowed them to gain and maintain access to victim computer networks.

Additionally, the Police of Finland (Poliisi) has formally accused APT31 of orchestrating a cyber attack targeting the country's Parliament in 2020.