The Cyber Security News


Chinese Hackers Using Russo-Ukrainian War Decoys to Target APAC and European Entities

December 7, 2022

The China-linked nation-state hacking group known as Mustang Panda is using lures related to the ongoing Russo-Ukrainian War to attack entities in Europe and the Asia Pacific.

That is according to the BlackBerry Research and Intelligence Team, which analyzed a RAR archive file titled “Political Direction for the new EU solution to Russia.rar.” Some of the targeted countries include Vietnam, India, Pakistan, Kenya, Turkey, Italy, and Brazil.

Mustang Panda is a prolific cyber-espionage group from China that’s also tracked under the names Bronze President, Earth Preta, HoneyMyte, RedDelta, and Red Lich.


It is believed to have been active since at least July 2018, per Secureworks’ threat profile, although indications are that the threat actor has been targeting entities worldwide as early as 2012.

Mustang Panda is known to rely heavily on sending weaponized attachments via phishing emails to achieve initial infection, with the intrusions eventually leading to the deployment of the PlugX remote access trojan.

However, recent spear-phishing attacks undertaken by the group targeting government, education, and research sectors in the Asia Pacific region have involved custom malware like PUBLOAD, TONEINS, and TONESHELL, suggesting an expansion to its malware arsenal.

The latest findings from BlackBerry show that the core infection process has remained more or less the same, even as Mustang Panda continues to use geopolitical events to its advantage, echoing prior reports from Google and Proofpoint.

Contained within the decoy archive is a shortcut to a Microsoft Word file, which leverages DLL side-loading – a technique that was also used in attacks aimed at Myanmar earlier this year – to kick off the execution of PlugX in memory, before displaying the document’s contents.

“Their attack chain stays reliable with the continued use of archive files, shortcut documents, destructive loaders, and the use of the PlugX malware, while their supply setup is typically custom-made per location/region to entice victims into executing their payloads in the hope of establishing persistence with the intent of espionage,” BlackBerry’s Dmitry Bestuzhev told The Hacker News.


Some parts of this article are sourced from:
thehackernews.com
