Vietnamese hackers began targeting Chinese government officials at the heart of the coronavirus outbreak in the early days of 2020, when the threat of pandemic had barely registered elsewhere in the world, according to findings by cybersecurity firm FireEye Inc.

The attacks were going on as early as Jan 6 and continued through April, said Ben Read, a senior manager for cyber-espionage in the firm’s threat intelligence unit. The campaign of spearphishing and malware fit a pattern the firm ascribed to APT32, a group of hackers working for the Vietnamese government, and the group’s targets were the government of Wuhan and the national ministry of emergency management, he said.