What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-10-04 20:39:00 | Les chercheurs relient DragOnegg Android Spyware à LightSpy iOS Surveillanceware Researchers Link DragonEgg Android Spyware to LightSpy iOS Surveillanceware (lien direct) |
De nouvelles découvertes ont identifié des connexions entre un logiciel espion Android appelé DragOnegg etUn autre outil sophistiqué modulaire de surveillance iOS nommé LightSpy.
DragOnegg, aux côtés de Wyrmspy (aka AndroidControl),a été divulgué pour la première fois par Lookout en juillet 2023 comme une souche de logiciels malveillants capables de collecter des données sensibles à partir d'appareils Android.Il a été attribué au groupe national chinois Apt41.
Sur
New findings have identified connections between an Android spyware called DragonEgg and another sophisticated modular iOS surveillanceware tool named LightSpy. DragonEgg, alongside WyrmSpy (aka AndroidControl), was first disclosed by Lookout in July 2023 as a strain of malware capable of gathering sensitive data from Android devices. It was attributed to the Chinese nation-state group APT41. On |
Malware Tool | APT 41 APT 41 | ★★★ |
|
2023-07-19 15:50:00 | Les pirates chinois APT41 ciblent les appareils mobiles avec de nouveaux logiciels espions Wyrmspy et DragOnegg Chinese APT41 Hackers Target Mobile Devices with New WyrmSpy and DragonEgg Spyware (lien direct) |
L'acteur prolifique lié à l'État-nation connu sous le nom d'APT41 a été lié à deux souches de logiciels spymétriques Android auparavant sans papiers appelés Wyrmspy et DragOnegg.
"Connu pour son exploitation d'applications orientées Web et son infiltration des appareils de point de terminaison traditionnels, un acteur de menace établi comme APT 41, y compris le mobile dans son arsenal de logiciels malveillants, montre comment les points de terminaison mobiles sont à grande valeur
The prolific China-linked nation-state actor known as APT41 has been linked to two previously undocumented strains of Android spyware called WyrmSpy and DragonEgg. "Known for its exploitation of web-facing applications and infiltration of traditional endpoint devices, an established threat actor like APT 41 including mobile in its arsenal of malware shows how mobile endpoints are high-value |
Malware Threat | APT 41 APT 41 | ★★ |
|
2023-05-03 18:57:00 | Groupe de pirates chinois Earth Longzhi refait surface avec des tactiques de logiciels malveillants avancés Chinese Hacker Group Earth Longzhi Resurfaces with Advanced Malware Tactics (lien direct) |
Une tenue de piratage chinoise parrainée par l'État a refait surface avec une nouvelle campagne ciblant le gouvernement, les soins de santé, la technologie et les entités manufacturières basées à Taïwan, en Thaïlande, aux Philippines et aux Fidji après plus de six mois sans activité.
Trend Micro a attribué l'ensemble d'intrusion à un groupe de cyber-espionnage qu'il suit sous le nom de Terre Longzhi, qui est un sous-groupe au sein de l'APT41 (alias Hoodoo
A Chinese state-sponsored hacking outfit has resurfaced with a new campaign targeting government, healthcare, technology, and manufacturing entities based in Taiwan, Thailand, the Philippines, and Fiji after more than six months of no activity. Trend Micro attributed the intrusion set to a cyber espionage group it tracks under the name Earth Longzhi, which is a subgroup within APT41 (aka HOODOO |
Malware | APT 41 | ★★ |
|
2023-04-17 17:16:00 | Google découvre l'utilisation par APT41 \\ de l'outil GC2 open source pour cibler les médias et les sites d'emploi Google Uncovers APT41\\'s Use of Open Source GC2 Tool to Target Media and Job Sites (lien direct) |
Un groupe chinois de l'État-nation a ciblé une organisation médiatique taïwanaise anonyme pour fournir un outil d'association rouge open source connu sous le nom de Google Command and Control (GC2) au milieu d'une abus plus large de l'infrastructure de Google \\ pour les fins malveillantes.
Le groupe d'analyse des menaces du géant de la technologie (TAG) a attribué la campagne à un acteur de menace qu'il suit en vertu du hoodoo de surnom géologique et géographique, qui est
A Chinese nation-state group targeted an unnamed Taiwanese media organization to deliver an open source red teaming tool known as Google Command and Control (GC2) amid broader abuse of Google\'s infrastructure for malicious ends. The tech giant\'s Threat Analysis Group (TAG) attributed the campaign to a threat actor it tracks under the geological and geographical-themed moniker HOODOO, which is |
Tool Threat | APT 41 APT 41 | ★★★ |
|
2022-11-14 18:33:00 | New "Earth Longzhi" APT Targets Ukraine and Asian Countries with Custom Cobalt Strike Loaders (lien direct) | Entities located in East and Southeast Asia as well as Ukraine have been targeted at least since 2020 by a previously undocumented subgroup of APT41, a prolific Chinese advanced persistent threat (APT). Cybersecurity firm Trend Micro, which christened the espionage crew Earth Longzhi, said the actor's long-running campaign can be split into two based on the toolset deployed to attack its victims | Threat Guideline | APT 41 | ★★ |
|
2022-10-18 15:41:00 | Chinese \'Spyder Loader\' Malware Spotted Targeting Organizations in Hong Kong (lien direct) | The China-aligned espionage-focused actor dubbed Winnti has set its sights on government organizations in Hong Kong as part of an ongoing campaign dubbed Operation CuckooBees. Active since at least 2007, Winnti (aka APT41, Barium, Bronze Atlas, and Wicked Panda) is the name designated to a prolific cyber threat group that carries out Chinese state-sponsored espionage activity, predominantly | Malware Threat Guideline | APT 41 | |
|
2022-08-18 06:33:50 | China-backed APT41 Hackers Targeted 13 Organisations Worldwide Last Year (lien direct) | The Chinese advanced persistent threat (APT) actor tracked as Winnti (aka APT41) has targeted at least 13 organizations geographically spanning across the U.S, Taiwan, India, Vietnam, and China against the backdrop of four different campaigns in 2021. "The targeted industries included the public sector, manufacturing, healthcare, logistics, hospitality, education, as well as the media and | Threat Guideline | APT 41 | ★★ |
|
2022-05-04 06:04:06 | Chinese Hackers Caught Stealing Intellectual Property from Multinational Companies (lien direct) | An elusive and sophisticated cyberespionage campaign orchestrated by the China-backed Winnti group has managed to fly under the radar since at least 2019. Dubbed "Operation CuckooBees" by Israeli cybersecurity company Cybereason, the massive intellectual property theft operation enabled the threat actor to exfiltrate hundreds of gigabytes of information. Targets included technology and | Threat | APT 41 | |
|
2022-03-09 02:04:37 | Chinese APT41 Hackers Broke into at Least 6 U.S. State Governments: Mandiant (lien direct) | APT41, the state-sponsored threat actor affiliated with China, breached at least six U.S. state government networks between May 2021 and February 2022 by retooling its attack vectors to take advantage of vulnerable internet-facing web applications. The exploited vulnerabilities included "a zero-day vulnerability in the USAHERDS application (CVE-2021-44207) as well as the now infamous zero-day in | Vulnerability Threat Guideline | APT 41 | |
|
2022-01-21 03:40:40 | Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks (lien direct) | A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group (APT41). Kaspersky, which codenamed the rootkit MoonBounce, characterized the malware as the "most advanced UEFI firmware implant discovered in the wild to date," adding "the purpose of the | Malware Threat Guideline | APT 41 APT 41 | |
|
2021-10-05 06:16:08 | New Study Links Seemingly Disparate Malware Attacks to Chinese Hackers (lien direct) | Chinese cyber espionage group APT41 has been linked to seemingly disparate malware campaigns, according to fresh research that has mapped together additional parts of the group's network infrastructure to hit upon a state-sponsored campaign that takes advantage of COVID-themed phishing lures to target victims in India.
"The image we uncovered was that of a state-sponsored campaign that plays on |
Malware Guideline | APT 41 | |
|
2021-09-10 01:18:43 | Experts Link Sidewalk Malware Attacks to Grayfly Chinese Hacker Group (lien direct) | A previously undocumented backdoor that was recently found targeting an unnamed computer retail company based in the U.S. has been linked to a longstanding Chinese espionage operation dubbed Grayfly.
In late August, Slovakian cybersecurity firm ESET disclosed details of an implant called SideWalk, which is designed to load arbitrary plugins sent from an attacker-controlled server, gather |
Malware Guideline | APT 41 | |
|
2021-06-13 23:59:46 | Chinese Hackers Believed to be Behind SITA, Air India Data Breach (lien direct) | The cyber assault on Air India that came to light last month lasted for a period of at least two months and 26 days, new research has revealed, which attributed the incident with moderate confidence to a Chinese nation-state threat actor called APT41.
Group-IB dubbed the campaign "ColunmTK" based on the names of the command-and-control (C2) server domains that were used for communications. "The |
Data Breach Threat Guideline | APT 41 | |
|
2021-01-15 03:31:43 | Researchers Disclose Undocumented Chinese Malware Used in Recent Attacks (lien direct) | Cybersecurity researchers have disclosed a series of attacks by a threat actor of Chinese origin that has targeted organizations in Russia and Hong Kong with malware - including a previously undocumented backdoor.
Attributing the campaign to Winnti (or APT41), Positive Technologies dated the first attack to May 12, 2020, when the APT used LNK shortcuts to extract and run the malware payload. A |
Malware Threat Guideline | APT 41 | ★★★★★ |
|
2020-09-16 09:50:50 | FBI adds 5 Chinese APT41 hackers to its Cyber\'s Most Wanted List (lien direct) | The United States government today announced charges against 5 alleged members of a Chinese state-sponsored hacking group and 2 Malaysian hackers that are responsible for hacking than 100 companies throughout the world.
Named as APT41 and also known as 'Barium,' 'Winnti, 'Wicked Panda,' and 'Wicked Spider,' the cyber-espionage group has been operating since at least 2012 and is not just |
Guideline | APT 41 |
1
We have: 15 articles.
We have: 15 articles.
To see everything:
Our RSS (filtrered)
