
Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia

| Attribute | Details |
| --- | --- |
| Threat Actors | China-based APT groups |
| Campaign Overview | Cyber espionage campaign targeting high-profile organizations in Southeast Asia since October 2023 |
| Target Regions (Or Victims) | Southeast Asia (government ministries, air traffic control, telecom, media outlet) |
| Methodology | Open-source tools, living-off-the-land (LotL) techniques, reverse proxy tools, DLL payloads |
| Product Targeted | Government organizations, telecoms, media outlets, air traffic control systems |
| Malware Reference | PlugX (Korplug) – Remote access trojan, customized DLLs |
| Tools Used | Rakshasa, Stowaway, keyloggers, password stealers, asset discovery tools |
| Vulnerabilities Exploited | Not specified; initial infection vector remains undetermined |
| TTPs (Tactics, Techniques, Procedures) | Long-term access, password dumping, reconnaissance, keylogger deployment, data exfiltration |
| Attribution | China-based actors, difficult attribution due to shared tradecraft and tools |
| Recommendations | Strengthen network monitoring, improve authentication mechanisms, adopt advanced detection tools |
| Source | The Hacker News |

Read full article: https://thehackernews.com/2024/12/researchers-uncover-espionage-tactics.html

The above summary has been generated by an AI language model

Source: The Hacker News

Published on: December 11, 2024
