Chinese Hackers target Europe, South America, and Middle East Govt officials


By MYBRANDBOOK


Chinese Hackers target Europe, South America, and Middle East Govt officials

Cybersecurity firm Secureworks said a Chinese hacking group called Bronze President has been attributed to a new campaign aimed at infecting government officials in Europe, the Middle East, and South America with PlugX.

 

Secureworks Counter Threat Unit (CTU) said in a report that PlugX is a modular malware that contacts a command-and-control (C2) server for tasking and can download additional plugins to enhance its capability beyond basic information gathering.

 

Also called HoneyMyte, Mustang Panda, Red Lich, and Temp.Hex, Bronze President is a China-based threat actor that is estimated to be a state-sponsored group that leverages a mix of proprietary and publicly available tools to compromise and collect data from its targets.

 

Bronze President has demonstrated an ability to pivot quickly for new intelligence collection opportunities. One of the primary tools of choice of the Hacker group is PlugX, a remote access trojan that has been widely shared among Chinese adversarial collectives.

 

Attack chains distribute RAR archive files that contain a Windows shortcut (.LNK) file disguising as a PDF document, which when opened executes a legitimate file present in a nested hidden folder embedded within the archive. This then paves the way for dropping a decoy document, while the PlugX payload sets up persistence on the infected host.

 E-Magazine 
 VIDEOS  Placeholder image

Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org