https://thenextweb.com/security/2019/10/04/state-sponsored-chinese-hackers-have-been-targeting-southeast-asia-since-2013/

Researchers have revealed a previously undocumented threat actor of Chinese origin that has run at least six different cyber espionage campaigns in the Southeast Asian region since 2013.

The research — disclosed by Palo Alto Networks’ threat intelligence team Unit 42 — attributed the attacks to a group (or groups) it called PKPLUG, named after its tactic of delivering PlugX malware inside ZIP files, which are identified with the signature “PK.”