Rubin Central Design Bureau of Marine Engineering

In April 2021, the Rubin Central Design Bureau of Marine Engineering, a key Russian defense entity based in Saint Petersburg, fell victim to a spear-phishing attack orchestrated by Chinese state-sponsored hackers. The attackers deployed a previously undetected backdoor malware, PortDoor, concealed within a malicious RTF file attachment. The primary objective of the campaign was to exfiltrate classified intelligence related to submarine designs developed by the bureau. Despite the sophisticated nature of the intrusion, which leveraged tailored malware and likely advanced persistence techniques, no data breach, operational disruption, or tangible harm was confirmed. The attack was detected before the hackers could achieve their goal of stealing sensitive submarine-related documentation. While the incident underscored vulnerabilities in Russia’s defense industrial base, particularly against nation-state cyber espionage, the lack of actual data compromise or systemic impact limited its immediate consequences. The attack, however, highlighted the persistent threats posed by state-backed cyber groups targeting critical military and industrial secrets.

Source: https://thehackernews.com/2021/05/new-chinese-malware-targeted-russias.html

TPRM report: https://www.rankiteo.com/company/central-design-bureau-for-marine-engineering-rubin

"id": "cen516092125",
"linkid": "central-design-bureau-for-marine-engineering-rubin",
"type": "Cyber Attack",
"date": "4/2021",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"
{'affected_entities': [{'industry': 'defense (marine engineering, submarine '
                                    'design)',
                        'location': 'Saint Petersburg, Russia',
                        'name': 'Rubin Central Design Bureau of Marine '
                                'Engineering',
                        'type': 'defense contractor'}],
 'attack_vector': ['spear-phishing',
                   'malicious RTF attachment',
                   'PortDoor malware'],
 'date_detected': '2021-04',
 'description': 'In April 2021, the Saint Petersburg-based Russian Defence '
                'Industry entity, Rubin Central Design Bureau of Marine '
                'Engineering, was targeted in a cyberattack involving '
                'spear-phishing and the PortDoor malware. The attack utilized '
                'a malicious RTF-file attachment to deploy an unknown '
                'backdoor. The campaign, attributed to Chinese state-sponsored '
                'cyber-criminals (linked to the Chinese Communist Party), '
                'aimed to exfiltrate information about submarines designed by '
                'the company. Despite the intrusion, no impact was reported.',
 'initial_access_broker': {'backdoors_established': ['PortDoor malware'],
                           'entry_point': 'spear-phishing (malicious RTF '
                                          'attachment)',
                           'high_value_targets': ['submarine design '
                                                  'information']},
 'motivation': 'espionage (submarine design information)',
 'threat_actor': 'Chinese Communist Party state-sponsored cyber-criminals',
 'title': 'Spear-Phishing and PortDoor Malware Attack on Rubin Central Design '
          'Bureau of Marine Engineering',
 'type': ['cyberespionage', 'spear-phishing', 'malware']}