• krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseoSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • krseolinkSpider
  • Experts Uncover New Espionage Attacks by Chinese ‘Mustang Panda’ Hackers
    Home Malware Experts Uncover New Espionage Attacks by Chinese ‘Mustang Panda’ Hackers

    Experts Uncover New Espionage Attacks by Chinese ‘Mustang Panda’ Hackers

    Source Link

    Espionage Attacks by Chinese Hackers

    The China-based threat actor known as Mustang Panda has been observed refining and retooling its tactics and malware to strike entities located in Asia, the European Union, Russia, and the U.S.

    “Mustang Panda is a highly motivated APT group relying primarily on the use of topical lures and social engineering to trick victims into infecting themselves,” Cisco Talos said in a new report detailing the group’s evolving modus operandi.

    The group is known to have targeted a wide range of organizations since at least 2012, with the actor primarily relying on email-based social engineering to gain initial access to drop PlugX, a backdoor predominantly deployed for long-term access.

    Phishing messages attributed to the campaign contain malicious lures masquerading as official European Union reports on the ongoing conflict in Ukraine or Ukrainian government reports, both of which download malware onto compromised machines.

    Espionage Attacks by Chinese Hackers

    Also observed are phishing messages tailored to target various entities in the U.S. and several Asian countries like Myanmar, Hong Kong, Japan, and Taiwan.

    The findings follow a recent report from Secureworks that the group may have been targeting Russian government officials using a decoy containing PlugX that disguised itself as a report on the border detachment to Blagoveshchensk.

    But similar attacks detected towards the end of March 2022 show that the actors are updating their tactics by reducing the remote URLs used to obtain different components of the infection chain.

    Other than PlugX, infection chains utilized by the APT group have involved the deployment of custom stagers, reverse shells, Meterpreter-based shellcode, and Cobalt Strike, all of which are used to establish remote access to their targets with the intention of conducting espionage and information theft.

    “By using summit- and conference-themed lures in Asia and Europe, this attacker aims to gain as much long-term access as possible to conduct espionage and information theft,” Talos researchers said.

    Related Articles

    Leave a Comment

    techhipbettruvabetnorabahisbahis forumutaraftarium24eduseduedusedueduedusedueduedusedus
    casinomilyon güncel giriş
    padişahbet güncel giriş
    vegabet giriş
    padişahbet
    свит бонанза
    lüks casino
    rokubet giriş
    neyine
    biabet giris
    betmatik güncel giriş
    kingbetting güncel
    imajbet giriş
    plinko romania
    pin up aviator
    betwild giris
    cashwin giris
    biabet giriş
    rexbet giriş
    betwild giris
    sugar rush 1000